CNNVD-202602-1931 Information

CNNVD ID

CNNVD-202602-1931

Related CVE

CVE-2019-25316

• CNNVD Published: 2026-02-11

Description (Chinese)

GOautodial是GOautodial开源的下一代全渠道联络中心套件。 GOautodial 4.0版本存在跨站脚本漏洞，该漏洞源于存储型跨站脚本，可能导致通过事件标题参数注入恶意脚本，在受害者浏览器中执行任意JavaScript。

Description (English)

GOautodial is the next generation full-channel focal point package for GOautodial open source. The GOautodial 4.0 version has a cross-site script loophole, which originates from a storage-type cross-site script and may lead to the injection of malicious scripts through the event title parameters and the implementation of any JavaScript in the victim browser.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

GOautodial

Published

2026-02-11

Last Modified

2026-02-24

References

https://goautodial.org/ https://www.exploit-db.com/exploits/47402 https://www.vulncheck.com/advisories/goautodial-createevent-persistent-cross-site-scripting