CNNVD-202601-1213 Information

CNNVD ID

CNNVD-202601-1213

Related CVE

CVE-2025-15479

• CNNVD Published: 2026-01-07

Description (Chinese)

Data Illusion Zumbrunn NGSurvey Enterprise Edition是瑞士Data Illusion Zumbrunn公司的一个问卷调查与数据采集系统。 Data Illusion Zumbrunn NGSurvey Enterprise Edition 3.6.4版本存在安全漏洞，该漏洞源于调查内容和管理功能输出编码不当，可能导致存储型跨站脚本攻击。

Description (English)

Data Illusion Zumbrunn NGSurvey Enterprise Education is a questionnaire and data collection system of the Swiss company Data Illusion Zumbrunn. Data Illusion Zumbrunn NGSurvey Enterprise Edition 3.6.4 contains a security loophole that stems from the improper coding of survey content and management functions, which may lead to storage-type cross-site script attacks.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Data Illusion Zumbrunn

Published

2026-01-07

Last Modified

2026-02-24

References

https://cds.thalesgroup.com/en/tcs-cert/CVE-2025-15479 https://docs.ngsurvey.com/installation-setup/change-log#id-3.6.17-2025-05-28