CNNVD-202601-1399 Information

CNNVD ID

CNNVD-202601-1399

Related CVE

CVE-2025-66916

• CNNVD Published: 2026-01-08

Description (Chinese)

RuoYi-Vue-Plus是中国dromara组织的一个开发框架。 RuoYi-Vue-Plus 5.5.1及之前版本存在安全漏洞，该漏洞源于未过滤用户输入，可能导致任意文件读写。

Description (English)

RuoYi-Vue-Plus is a development framework for the Dromara organization in China. RuoYi-Vue-Plus 5.5.1 and previous versions had a security loophole, which originated from unfiltered user input and could lead to the reading and writing of any document.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

dromara

Published

2026-01-08

Last Modified

2026-02-24

References

https://gist.github.com/Catherines77/e3f06b9c4cc6298579e858088a243c3d https://gitee.com/dromara/RuoYi-Vue-Plus https://github.com/Catherines77/code-au/blob/main/ruoyi-vue-plus/QLExpress.md

Patch

https://gitee.com/dromara/RuoYi-Vue-Plus/releases/tag/v5.5.2