关键信息 漏洞ID CVE-2025-62662 漏洞类型 Stored XSS through system messages in AdvancedSearch 影响版本 Version(s): 1.4.2.x (up to 1.4.2.0) Affected: Yes Fixed: No 描述 Nginx system messages are returned as HTML by the AdvancedSearch resource, allowing for stored XSS. 复现步骤 1. Take a screenshot. 2. View an advanced search page in Firefox. 3. Click on "Advanced Search" and then click on "Save". 4. A markup of data is shown by the /system/messages/advancedsearch resource: - advancedsearch-field-advancedsearch - advancedsearch-field-help - advancedsearch-field-new - advancedsearch-field-old - advancedsearch-field-range - advancedsearch-field-subject - advancedsearch-field-author - advancedsearch-field-content 原因 The message is converted at this place, which does not escape the contents and converts the break into a tag. It has been introduced with 1.4.2.0. 额外信息 Author: Willem Vanhaelen (@ Packt) Related Changes: In OpenSearch Mentions: Security Prior To Deploy on the Security Team Board Tags: #SecurityTeam, #Vulnerability, #XSS Technologies: Nginx, JavaScript, HTML ``` 这些信息总结了漏洞的关键细节,包括其ID、类型、影响的版本、描述、复现步骤、原因以及额外的相关信息和标签。