CNNVD-202601-2815 Information

CNNVD ID

CNNVD-202601-2815

Related CVE

CVE-2026-23769

• CNNVD Published: 2026-01-16

Description (Chinese)

Lucy-XSS是NAVER开源的一个跨站脚本工具防护库。 Lucy-XSS存在安全漏洞，该漏洞源于默认超集规则文件配置不当导致清理不当，可能导致执行恶意JavaScript。

Description (English)

Lucy-XSS is a multi-station script protection library for NAVER open source. Lucy-XSS has a security loophole, which stems from the fact that the default overset file configuration has not led to a proper clean-up, which could lead to the implementation of malicious JavaScript.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

NAVER

Published

2026-01-16

Last Modified

2026-02-24

References

https://cve.naver.com/detail/cve-2026-23769.html https://github.com/naver/lucy-xss-filter/pull/32