CNNVD-202601-4317 Information

CNNVD ID

CNNVD-202601-4317

Related CVE

CVE-2026-24476

• CNNVD Published: 2026-01-26

Description (Chinese)

Shaarli是Shaarli Community开源的一套网站克隆工具。 Shaarli 0.16.0之前版本存在跨站脚本漏洞，该漏洞源于恶意标签处理不当，可能导致跨站脚本攻击。

Description (English)

Shaarli is an open-source website cloning tool for Shaarli Community. Prior to Shaarli 0.16.0, there was a cross-site script loophole, which stemmed from inappropriate handling of malicious labels and could lead to cross-site script attacks.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

Shaarli Community

Published

2026-01-26

Last Modified

2026-02-24

References

https://github.com/shaarli/Shaarli/commit/b854c789289c4b0dfbb7c1e5793bae7d8f94e063 https://github.com/shaarli/Shaarli/security/advisories/GHSA-g3xq-mj52-f8pg

Patch

https://github.com/shaarli/Shaarli/releases