CNNVD-202602-062 Information

CNNVD ID

CNNVD-202602-062

Related CVE

CVE-2025-70959

• CNNVD Published: 2026-02-02

Description (Chinese)

Tendenci是美国Tendenci公司的一款主要用于非营利组织和协会的协会管理软件。该软件支持会员管理、内容管理、事件管理和网上捐款管理等功能。 Tendenci 15.3.7版本存在安全漏洞，该漏洞源于Jobs模块中对输入清理不当，可能导致存储型跨站脚本攻击。

Description (English)

Tendenci is an association management software for non-profit organizations and associations in the United States of America. The software supports member management, content management, event management and online contribution management functions. Version 15.3.7 of Tendenci contains a security loophole, which stems from the inappropriate clean-up of inputs in the Jobs module and may result in a storage-type cross-site script attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Tendenci

Published

2026-02-02

Last Modified

2026-02-24

References

https://github.com/emirhanyucelll/tendenci/blob/main/Readme.md https://access.redhat.com/security/cve/cve-2025-70959

Patch

https://github.com/tendenci/tendenci/releases