CNNVD-202601-2636 Information

CNNVD ID

CNNVD-202601-2636

Related CVE

CVE-2021-47754

• CNNVD Published: 2026-01-15

Description (Chinese)

Arunna是arunna个人开发者的一个社交媒体框架。 Arunna 1.0.0版本存在安全漏洞，该漏洞源于缺少身份验证，可能导致跨站请求伪造攻击，从而操纵用户配置文件设置。

Description (English)

Arunna is a social media framework for arunna personal developers. The Arunna 1.0.0 version has a security loophole, which stems from a lack of identification, which could lead to cross-site requests for a false attack, thus manipulating the user configuration.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2026-01-15

Last Modified

2026-02-24

References

https://github.com/arunna/arunna https://lyhinslab.org/index.php/2021/11/29/how-white-box-hacking-works-xss-csrf-in-arunna/ https://web.archive.org/web/20211216074128/ https://www.exploit-db.com/exploits/50608