CNNVD-202602-1483 Information

Feb 10, 2026 cve

CNNVD ID

CNNVD-202602-1483

CVE-2026-24045

  • CNNVD Published: 2026-02-10

Description (Chinese)

Docmost是Docmost开源的一个开协作维基和文档软件。 Docmost 0.25.0之前版本存在安全漏洞,该漏洞源于HTML转义不足,可能导致存储型跨站脚本攻击。

Description (English)

Dochost is an open collaborative wiki and document software for Docchost Open Source. There was a security loophole in the pre-Doc cannot 0.25.0 version, which stemmed from insufficient HTML conversion, which could lead to storage-type cross-site script attacks.

Vulnerability Type

其他

Affected Vendor

Docmost

Published

2026-02-10

Last Modified

2026-02-24

References

https://github.com/docmost/docmost/commit/f3f74c591f32f85b8aa9a98ed884a7dd455780f9 https://github.com/docmost/docmost/security/advisories/GHSA-h7fp-4f37-29wq https://github.com/docmost/docmost/releases/tag/v0.25.0 https://access.redhat.com/security/cve/cve-2026-24045

Patch

https://github.com/docmost/docmost/releases/

Share on: