CNNVD-202512-588 Information
Dec 04, 2025
cve
CNNVD ID
CNNVD-202512-588
Related CVE
- CNNVD Published: 2025-12-04
Description (Chinese)
Seafile是中国海文互知网络技术(Seafile)公司的一款开源的企业云盘。该产品具有Markdown WYSIWYG编辑,Wiki,文件标签等功能。 Seafile v12.0.10版本存在跨站脚本漏洞,该漏洞源于PUT参数name未过滤,可能导致存储型跨站脚本攻击。
Description (English)
Seafile is an open-source enterprise of Seafile, China. The product has the functions of Markdown WYSIWYG Editor, Wiki, Document Label, etc. Version Seafile v12.010 has a cross-site script loophole, which stems from the fact that the PUT parameter name is not filtered and may result in a storage-type cross-site script attack.
Hazard Level
High
Vulnerability Type
跨站脚本
Affected Vendor
海文互知网络技术
Published
2025-12-04
Last Modified
2026-02-24
References
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-seafile
Share on: