HAX 安全漏洞

HAX is an open-source microsite managed using HAX+CMS with a PHP backend. There were security vulnerabilities in HAX CMS PHP versions prior to 26.0.0. These vulnerabilities stemmed from a combination of stored XSS attacks and the exposure of dynamic tokens at the /system/api/connectionSettings...

HAXcms with nodejs backend 安全漏洞

HAXcms with nodejs backend is an open source backend management system from HAX The Web. A security vulnerability exists in HAXcms with nodejs backend version 11.0.8 and earlier, which stems from mishandling of API request exceptions and could lead to a denial of service attack...

CVE-2025-53642 haxcms-nodejs and haxcms-php Improperly Terminate Sessions

haxcms-nodejs and haxcms-php are backends for HAXcms. The logout function within the application does not terminate a user's session or clear their cookies. Additionally, the application issues a refresh token when logging out. This vulnerability is fixed in 11.0.6...

HAXcms with nodejs backend 代码问题漏洞

HAXcms with nodejs backend is an open source backend management system from HAX The Web. A code issue vulnerability exists in HAXcms with nodejs backend that stems from improper session termination, which could lead to unauthorized access...