CNNVD-202601-4407 Information

CNNVD ID

CNNVD-202601-4407

Related CVE

CVE-2026-1429

• CNNVD Published: 2026-01-26

Description (Chinese)

WellChoose Single Sign-On Portal System是中国台湾葳桥资讯（WellChoose）公司的一个单点登录门户系统。 WellChoose Single Sign-On Portal System存在跨站脚本漏洞，该漏洞源于存在反射型跨站脚本，可能导致通过钓鱼攻击执行任意JavaScript代码。

Description (English)

Well Choose Single Sign-On Portal System is a single-point access portal for WellChoose, a Chinese company. Well Choose Single Sign-On Portal System has a cross-site script loophole, which stems from the presence of reflective cross-site scripts, which may lead to the enforcement of any JavaScript code through fishing attacks.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

葳桥资讯

Published

2026-01-26

Last Modified

2026-02-24

References

https://www.twcert.org.tw/en/cp-139-10655-59160-2.html https://www.twcert.org.tw/tw/cp-132-10654-23f40-1.html

Patch

https://www.wellchoose.com.tw/product/productDetails.php?pkno=PK0001&pdno=PD0001