CNNVD-202512-5001 Information
CNNVD ID
CNNVD-202512-5001
Related CVE
- CNNVD Published: 2025-12-29
Description (Chinese)
CacheCloud是SohuTV开源的一个Redis云管理平台。 CacheCloud 3.2.0及之前版本存在代码注入漏洞,该漏洞源于对文件src/main/java/com/sohu/cache/web/controller/AppController.java中函数doAppList/appCommandAnalysis的错误操作,可能导致跨站脚本。
Description (English)
CacheClaud is a Redis cloud management platform for SohuTV. CacheClaud 3.2.0 and previous versions had a code-infusion loophole, which stemmed from an error in the function of src/main/java/com/sohu/cache/web/controller/AppController.java doAppList/appCommandAnalysis, which could result in a cross-site script.
Hazard Level
Critical
Vulnerability Type
代码注入
Affected Vendor
SohuTV
Published
2025-12-29
Last Modified
2026-02-24
References
https://vuldb.com/?ctiid.338560 https://vuldb.com/?id.338560 https://vuldb.com/?submit.716309 https://vuldb.com/?submit.716322 https://github.com/sohutv/cachecloud/issues/381 https://github.com/sohutv/cachecloud/issues/371 https://access.redhat.com/security/cve/cve-2025-15175
Patch
https://github.com/sohutv/cachecloud/releases
Share on: