CNNVD-202601-3401 Information
Jan 21, 2026
cve
CNNVD ID
CNNVD-202601-3401
Related CVE
- CNNVD Published: 2026-01-21
Description (Chinese)
Litespeed Technologie OpenLiteSpeed是Litespeed Technologie公司的一款开源的Web服务器。 Litespeed Technologie OpenLiteSpeed 1.7.9版本存在跨站脚本漏洞,该漏洞源于仪表板的Notes参数存在存储型跨站脚本,可能导致执行恶意脚本。
Description (English)
Liespeed Technology OpenLiteSpeed is an open-source Web server for Liespeed Technology. There is a cross-site script loophole in version 1.7.9 of Liespeed Technologie OpenLiteSpeed, which stems from the storage-type cross-site script of the Notes parameters of the dashboard, which may lead to the execution of malicious scripts.
Hazard Level
Medium
Vulnerability Type
跨站脚本
Affected Vendor
Litespeed Technologie
Published
2026-01-21
Last Modified
2026-02-24
References
https://openlitespeed.org/ https://www.exploit-db.com/exploits/49727 https://www.vulncheck.com/advisories/openlitespeed-notes-stored-cross-site-scripting
Patch
https://openlitespeed.org/downloads/
Share on: