CNNVD-202601-4344 Information

CNNVD ID

CNNVD-202601-4344

Related CVE

CVE-2025-70368

• CNNVD Published: 2026-01-26

Description (Chinese)

Worklenz是Worklenz开源的一个项目管理工具。 Worklenz 2.1.5版本存在安全漏洞，该漏洞源于项目更新功能输入清理不当，可能导致存储型跨站脚本攻击。

Description (English)

Worklenz is an open-source project management tool for Worklenz. Worklenz 2.1.5 has a security loophole, which stems from the poor clean-up of the project ’ s updated functionality, which may result in a storage-type cross-site script attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Worklenz

Published

2026-01-26

Last Modified

2026-02-24

References

https://github.com/Worklenz/worklenz https://github.com/Stolichnayer/CVE-2025-70368 https://access.redhat.com/security/cve/cve-2025-70368