CNNVD-202602-1935 Information

CNNVD ID

CNNVD-202602-1935

Related CVE

CVE-2019-25311

• CNNVD Published: 2026-02-11

Description (Chinese)

thesystem是kostasmitroglou个人开发者的一个密码管理项目。 thesystem 1.0版本存在跨站脚本漏洞，该漏洞源于存储型跨站脚本，可能导致通过多个服务器数据输入字段注入恶意脚本，在受害者浏览器中执行任意JavaScript。

Description (English)

The system is a password management project for Kostasmitroglou personal developers. Version 1.0 of the system has a cross-site script loophole, which originates in a storage-type cross-site script and may lead to the injection of malicious scripts through multiple server data input fields and the implementation of any JavaScript in the victim browser.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

个人开发者

Published

2026-02-11

Last Modified

2026-02-24

References

https://github.com/kostasmitroglou/thesystem https://www.exploit-db.com/exploits/47440 https://www.vulncheck.com/advisories/thesystem-persistent-xss