Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in connect.asp in Microsoft Terminal Services Advanced Client (TSAC) ActiveX control allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Microsoft TSAC ActiveX控件远程跨站脚本执行漏洞
Vulnerability Description
Terminal Services Advanced Client (TSAC) Web控件是一个用于结合IE运行终端服务会话的ActiveX控件,TSAC WEB包可以装在IIS 4.0和之后的版本,而IIS5.1可以作为选项安装远程桌面WEB连接组件。 TSAC WEB组件中的connect.asp脚本用户提供的参数缺少正确过滤,远程攻击者可以利用这个漏洞进行跨站脚本执行攻击。 TSAC WEB组件中的connect.asp脚本对用户提交的HTML,或者JAVASCRIPT代码等外部输入数据缺少过滤,
CVSS Information
N/A
Vulnerability Type
N/A