CNNVD-202601-2549 Information
Jan 15, 2026
cve
CNNVD ID
CNNVD-202601-2549
Related CVE
- CNNVD Published: 2026-01-15
Description (Chinese)
AnyComment是俄罗斯AnyComment公司的一个嵌入式评论系统工具。 AnyComment 0.4.4版本存在安全漏洞,该漏洞源于评论部分未对输入进行清理,可能导致跨站脚本攻击。
Description (English)
AnyComment is an embedded comment system tool for the Russian company AnyComment. There is a security loophole in version 0.4.4 of the AnyComment, which stems from the failure of the comments to clean up the input, which could lead to a cross-site script attack.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
AnyComment
Published
2026-01-15
Last Modified
2026-02-24
References
https://anycomment.io/site/changelog https://bdu.fstec.ru/vul/2023-08900
Patch
https://anycomment.io/site/changelog
Share on: