安全ID : QSA-25-49
Vulnerability in QuMagie
发布日期 : January 3, 2026
通用漏洞披露 : CVE-2025-62857
受影响产品: QuMagie 2.x
严重程度
Moderate
状态
已解决
Summary
A cross-site scripting (XSS) vulnerability has been reported to affect QuMagie. If exploited, remote attackers could bypass security mechanisms or read application data.
We have already fixed the vulnerability in the following version:
| Affected Product | Fixed Version |
| QuMagie 2.x | QuMagie 2.8.1 and later |
Recommendation
To fix the vulnerability, we recommend updating QuMagie to the latest version.
Updating QuMagie
- Log on to QTS or QuTS hero as an administrator.
- Open App Center and then click
.
A search box appears. - Type "QuMagie" and then press ENTER.
QuMagie appears in the search results. - Click Update.
A confirmation message appears.
Note: The Update button is not available if your QuMagie is already up to date. - Click OK.
The system updates the application.
附件
致谢: Tim Coen
修订历史:
V1.0 (January 3, 2026) - Published
