CNNVD-202602-554 Information
CNNVD ID
CNNVD-202602-554
Related CVE
- CNNVD Published: 2026-02-04
Description (Chinese)
Nature Easy Soft Network Technology ZenTao是中国易软天创网络科技(Nature Easy Soft Network Technology)公司的一套开源项目管理软件。该软件包括产品管理、项目管理、质量管理和文档管理等功能。 Nature Easy Soft Network Technology ZenTao 21.7.6-85642及之前版本存在代码问题漏洞,该漏洞源于文件module/webhook/model.php中函数fetchHook存在缺陷,可能导致服务端请求伪造。
Description (English)
Nature Easy Soft Network Technology Zentao is an open-source project management software for Chinese company Nasty Soft Network Technology. The software includes functions such as product management, project management, quality management and document management. There is a code gap in the Nature East Soft Network Technology ZenTao 21.7.6-85642 and earlier versions, which stems from the defects of the FetchHook function in document Modeule/webbook/moder.php, which may result in the forgery of service requests.
Hazard Level
High
Vulnerability Type
代码问题
Affected Vendor
易软天创网络科技
Published
2026-02-04
Last Modified
2026-02-24
References
https://github.com/ez-lbz/ez-lbz.github.io/issues/9 https://github.com/ez-lbz/ez-lbz.github.io/issues/9#issue-3832844574 https://vuldb.com/?ctiid.344264 https://vuldb.com/?id.344264 https://vuldb.com/?submit.742633
Share on: