Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in the convert_highlite_words function in Invision Blog before 1.1.2 Final allows remote attackers to inject arbitrary web script or HTML via double hex encoded highlight data.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Invision Blog 'convert_highlite_words'函数 跨站脚本攻击漏洞
Vulnerability Description
Invision Blog 1.1.2 Final之前版本中的convert_highlite_words函数存在跨站脚本攻击(XSS)漏洞,远程攻击者可借助双精度十六进制数据注入任意Web脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A