CNNVD-202601-4374 Information

Jan 26, 2026 cve

CNNVD ID

CNNVD-202601-4374

CVE-2020-36954

CNNVD Published: 2026-01-26

Description (Chinese)

Xeroneit Library Management System是印度Xeroneit公司的一个图书管理系统。 Xeroneit Library Management System 3.1版本存在跨站脚本漏洞，该漏洞源于Book Category功能存在存储型跨站脚本，可能导致执行任意JavaScript代码。

Description (English)

Xeroneit Library Management System is a book management system of the Indian company Xeroneit. There is a cross-site script loophole in version 3.1 of Xeroneit Library Management System, which stems from the storage-type cross-site script of the Book State function, which may result in the implementation of any JavaScript code.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

Xeroneit

Published

2026-01-26

Last Modified

2026-02-24

References

https://www.exploit-db.com/exploits/49292 https://www.vulncheck.com/advisories/xeroneit-library-management-system-add-book-category-stored-xss https://xeroneit.net/ https://xeroneit.net/portfolio/library-management-system-lms

Share on: