CNNVD-202601-4780 Information

CNNVD ID

CNNVD-202601-4780

Related CVE

CVE-2025-59901

• CNNVD Published: 2026-01-28

Description (Chinese)

Flexense Disk Pulse Enterprise是Flexense公司的一个实时文件系统监控软件。 Flexense Disk Pulse Enterprise 10.4.18版本存在跨站请求伪造漏洞，该漏洞源于对monitor_directory端点中monitor_directory参数的用户输入验证不足，可能导致反射型跨站脚本攻击。

Description (English)

Flexense Disk Pulse Enterprise is a real-time filesystem monitoring software for Flexense. Version 10.4.18 of Flexense Disk Pulse Enterprise contains a false cross-site request loophole, which results from insufficient user input validation of the monitor directory parameters at the monitor directory endpoint, which may result in a reflex-type cross-station script attack.

Hazard Level

High

Vulnerability Type

跨站请求伪造

Affected Vendor

Flexense

Published

2026-01-28

Last Modified

2026-02-24

References

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-flexense-products