CNNVD-202601-4313 Information

CNNVD ID

CNNVD-202601-4313

Related CVE

CVE-2020-36931

• CNNVD Published: 2026-01-25

Description (Chinese)

Click2Magic是Click2Magic公司的一个智能客户沟通平台。 Click2Magic 1.1.5版本存在跨站脚本漏洞，该漏洞源于对聊天名称输入的清理不当，可能导致存储型跨站脚本攻击。

Description (English)

Click2Magic is a smart customer communication platform for Click2Magic. Click2Magic 1.1.5 has a cross-site script loophole, which results from inappropriate clean-up of chat names and may result in a storage-type cross-site script attack.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

Click2Magic

Published

2026-01-25

Last Modified

2026-02-24

References

https://www.click2magic.com https://www.click2magic.com/user/agent/index https://www.exploit-db.com/exploits/49347 https://www.vulncheck.com/advisories/clickmagic-stored-cross-site-scripting