CNNVD-202601-5058 Information

CNNVD ID

CNNVD-202601-5058

Related CVE

CVE-2020-37022

• CNNVD Published: 2026-01-30

Description (Chinese)

OpenZ是德国OpenZ公司的一个企业资源计划系统。 OpenZ 3.6.60版本存在跨站脚本漏洞，该漏洞源于Employee模块的名称和描述参数输入清理不当，可能导致存储型跨站脚本攻击。

Description (English)

OpenZ is an enterprise resource planning system of the German company OpenZ. Release OpenZ 3.6.60 has a cross-site script loophole, which stems from the miscleaning of the name and description parameters of the Employee module, which may result in a storage-type cross-site script attack.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

OpenZ

Published

2026-01-30

Last Modified

2026-02-24

References

https://www.exploit-db.com/exploits/48450 https://www.openz.de/ https://www.openz.de/download.html https://www.vulncheck.com/advisories/openz-erp-persistent-cross-site-scripting https://www.vulnerability-lab.com/get_content.php?id=2234