CNNVD-202601-2386 Information
CNNVD ID
CNNVD-202601-2386
Related CVE
- CNNVD Published: 2026-01-14
Description (Chinese)
pH7 Social Dating Builder是pH7 Social Dating CMS开源的一个社交约会系统。 pH7 Social Dating Builder 17.9.1版本存在安全漏洞,该漏洞源于用户个人资料描述字段存在存储型跨站脚本。
Description (English)
PH7 Social Dating Builder is a social dating system open to pH7 Social Dating CMS. pH7 Social Dating Builder version 17.9.1 contains a security loophole, which stems from the existence of a stored cross-site script in the user’s personal data description field.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
pH7 Social Dating CMS
Published
2026-01-14
Last Modified
2026-02-24
References
https://drive.google.com/drive/folders/1mYDvUTnlTPCGTB-7tHD3pmu_wHtlMVRP https://medium.com/@rudranshsinghrajpurohit/cve-2025-63644-stored-cross-site-scripting-xss-vulnerability-in-ph7-social-dating-cms-23ed0e7eb853 https://access.redhat.com/security/cve/cve-2025-63644
Patch
https://github.com/pH7Software/pH7-Social-Dating-CMS/releases
Share on: