CNNVD-202601-2770 Information

CNNVD ID

CNNVD-202601-2770

Related CVE

CVE-2021-47844

• CNNVD Published: 2026-01-16

Description (Chinese)

Xmind是Xmind公司的一个思维导图软件。 Xmind 2020版本存在安全漏洞，该漏洞源于允许向思维导图文件或自定义标头注入恶意有效载荷，可能导致远程代码执行。

Description (English)

Xmind is a thought mapping software for Xmind. Xmind 2020 has a security loophole, which stems from allowing malicious payloads to be injected into the mind mapping file or customized header, which may lead to remote code implementation.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Xmind

Published

2026-01-16

Last Modified

2026-02-24

References

https://imgur.com/a/t96Nxo5 https://www.exploit-db.com/exploits/49827 https://www.vulncheck.com/advisories/xmind-persistent-cross-site-scripting https://www.xmind.net/ https://access.redhat.com/security/cve/cve-2021-47844

Patch

https://xmind.com/download