CNNVD-202601-1200 Information

CNNVD ID

CNNVD-202601-1200

Related CVE

CVE-2025-66686

• CNNVD Published: 2026-01-07

Description (Chinese)

Perch CMS是Perch公司的一个内容管理系统。 Perch CMS 3.2版本存在安全漏洞，该漏洞源于管理面板中Help button url设置存在存储型跨站脚本，可能导致会话劫持、信息泄露、权限提升或未经授权的管理操作。

Description (English)

Perch CMS is a content management system for Perch. Perch CMS version 3.2 contains a security loophole, which stems from the storage of the Help button url set-up in the management panel, which may lead to the hijacking of conversations, the disclosure of information, the enhancement of privileges or unauthorized management operations.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Perch

Published

2026-01-07

Last Modified

2026-02-24

References

https://github.com/mertdurum06/Perch-v3.2 https://github.com/mertdurum06/Perch-v3.2/blob/main/Perch%20v3.2_Poc.txt https://access.redhat.com/security/cve/cve-2025-66686