CNNVD-202512-5467 Information

CNNVD ID

CNNVD-202512-5467

Related CVE

CVE-2025-15355

• CNNVD Published: 2025-12-30

Description (Chinese)

NetVision Information ISOinsight是中国正邦资讯（NetVision Information）公司的一个运维管理平台。 NetVision Information ISOinsight存在跨站脚本漏洞，该漏洞源于存在反射型跨站脚本，可能导致未经验证的远程攻击者通过钓鱼攻击在用户浏览器中执行任意JavaScript代码。

Description (English)

NetVision Information ISOinsight is a transportation management platform for the Chinese company NetVision Information. NetVision Information ISOinsight has a cross-site script loophole, which stems from the presence of a reflector-type cross-site script, which could lead to uncertified long-range attackers using fishing attacks to enforce any JavaScript code in a user browser.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

正邦资讯

Published

2025-12-30

Last Modified

2026-02-24

References

https://www.twcert.org.tw/en/cp-139-10610-b98b4-2.html https://www.twcert.org.tw/tw/cp-132-10609-0221b-1.html