CNNVD-202601-3961 Information

CNNVD ID

CNNVD-202601-3961

Related CVE

CVE-2021-47906

• CNNVD Published: 2026-01-23

Description (Chinese)

bloofoxCMS是布卢福克斯（bloofoxCMS）个人开发者的一个基于Php的文本内容管理系统。 BloofoxCMS 0.5.2.1版本存在安全漏洞，该漏洞源于articles文本参数存在存储型跨站脚本漏洞，可能导致注入恶意脚本。

Description (English)

bloofoxCMS is a Php-based text content management system for the BloofoxCMS personal developers. There is a security loophole in version BloofoxCMS 0.5.2.1, which stems from the storage-type cross-site script gap in the text parameter of the articlees, which may result in the injection of malicious scripts.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2026-01-23

Last Modified

2026-02-24

References

https://github.com/alexlang24/bloofoxCMS/releases https://www.bloofox.com/ https://www.exploit-db.com/exploits/49492 https://www.vulncheck.com/advisories/bloofoxcms-text-stored-cross-site-scripting