CNNVD-202601-3278 Information
CNNVD ID
CNNVD-202601-3278
Related CVE
- CNNVD Published: 2026-01-20
Description (Chinese)
Botble TransP等都是越南Botble公司的产品。Botble TransP是一款针对物流、快递和货运管理的系统。Botble Athena是一个内容管理平台。Botble Martfury是一个多商户电子商务系统。 Botble多款产品存在跨站脚本漏洞,该漏洞源于对用户输入验证不足,可能导致HTML注入。以下产品受到影响:TransP、Athena、Martfury和Homzen。
Description (English)
Botble TransP and others are the products of Botble in Viet Nam. Botble TransP is a system for logistics, express delivery and freight management. Botble Athena is a content management platform. Botble Martfury is a multi-business e-commerce system. There is a cross-site script loophole in multiple Botble products, which results from inadequate user input validation, which may result in HTML injections. The following products were affected: TransP, Athena, Martfury and Homzen.
Hazard Level
High
Vulnerability Type
跨站脚本
Affected Vendor
Botble
Published
2026-01-20
Last Modified
2026-02-24
References
https://www.incibe.es/en/incibe-cert/notices/aviso/html-injection-multiple-botble-products
Share on: