CNNVD-202601-1712 Information
CNNVD ID
CNNVD-202601-1712
Related CVE
- CNNVD Published: 2026-01-10
Description (Chinese)
questdb是QuestDB开源的一个高性能、时间序列数据库。 questdb 1.11.9及之前版本存在代码注入漏洞,该漏洞源于Web Console组件存在跨站脚本漏洞,可能导致跨站脚本攻击。
Description (English)
Questdb is a high-performance, time-series database of QuestDB open sources. Questdb 1.11.9 and previous versions contain code-injecting holes, which stem from the presence of cross-site script holes in the Web Console component, which could lead to cross-site script attacks.
Hazard Level
Critical
Vulnerability Type
代码注入
Affected Vendor
QuestDB
Published
2026-01-10
Last Modified
2026-02-24
References
https://github.com/59lab/dbdb/blob/main/There%20is%20a%20cross-site%20scripting(XSS)%20vulnerability%20in%20the%20QuestDB%20database.md https://github.com/questdb/questdb/releases/tag/9.3.0 https://github.com/questdb/ui/commit/b42fd9f18476d844ae181a10a249e003dafb823d https://github.com/questdb/ui/pull/518 https://github.com/questdb/ui/pull/519#issue-3790862030 https://vuldb.com/?ctiid.340357 https://vuldb.com/?id.340357 https://vuldb.com/?submit.733253
Share on: