CNNVD-202601-4808 Information

CNNVD ID

CNNVD-202601-4808

Related CVE

CVE-2026-1466

• CNNVD Published: 2026-01-28

Description (Chinese)

Jirafeau是Jérôme Jutteau个人开发者的一种上传文件的简单方法。 Jirafeau存在跨站脚本漏洞，该漏洞源于可通过发送无效MIME类型的HTTP请求绕过预览限制，可能导致跨站脚本攻击。

Description (English)

Jirafeau is a simple way for Jérôme Jutteau’s personal developer to upload documents. Jirafeau had a cross-site script loophole, which stemmed from requests to circumvent preview restrictions by sending invalid mime-type HTTP requests, which could lead to cross-site script attacks.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

个人开发者

Published

2026-01-28

Last Modified

2026-02-24

References

https://www.cve.org/CVERecord?id=CVE-2022-30110 https://www.cve.org/CVERecord?id=CVE-2024-12326 https://www.cve.org/CVERecord?id=CVE-2025-7066 https://gitlab.com/jirafeau/Jirafeau/-/commit/747afb20bfcff14bb67e40e7035d47a6311ba3e1 https://access.redhat.com/security/cve/cve-2026-1466

Patch

https://gitlab.com/jirafeau/Jirafeau/-/tags