Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting vulnerability in thttpd 2.20 and earlier allows remote attackers to execute arbitrary script via a URL to a nonexistent page, which causes thttpd to insert the script into a 404 error message.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ACME Labs thttpd跨站脚本执行漏洞
Vulnerability Description
thttpd是一款由ACME工作室维护的WEB服务程序,可使用在BSD、Solaris、Linux操作系统下。 thttpd对用户提交的URL请求数据缺少正确充分的检查,可导致攻击者进行跨站脚本执行攻击。 当thttpd产生错误页面信息时,没有正确检查提供在URL的脚本代码,可导致攻击者在提交的URL中插入恶意脚本代码,当其他用户查看此链接的时候,恶意脚本代码可以thttpd站点上下文在用户浏览器中执行,导致用户基于Cookie认证的信息泄露给攻击者。 此漏洞在2.20b版本上测试成功,其他版本也可能存在
CVSS Information
N/A
Vulnerability Type
N/A