Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (CSS) vulnerability in ValiCert Enterprise Validation Authority (EVA) 3.3 through 4.2.1 allows remote attackers to execute arbitrary code or display false information by including HTML or script in the certificate's description, which is executed when the certificate is viewed.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ValiCert Enterprise Validation Authority 跨站脚本执行漏洞
Vulnerability Description
CVE(CAN) ID: CAN-2001-0948 The ValiCert Validation Authority提供了综合,可靠和可升级的数字证书验证体系,可以实时支持任何证书授权机构的证书。 该软件存在一个安全问题,可能导致用户敏感信息泄露。 这是由于在创建证书时,描述域没有过滤用户输入的HTML代码,当在ValiCert管理服务器查看该证书时,可能引起跨站脚本攻击。
CVSS Information
N/A
Vulnerability Type
N/A