Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in Comersus BackOffice allows remote attackers to inject arbitrary web script or HTML via the error parameter to comersus_backoffice_supportError.asp. NOTE: the comersus_backoffice_message.asp/message vector is already covered by CVE-2005-2191 item 2.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Comersus BackOffice comersus_backoffice_supportError.asp跨站脚本攻击(XSS)漏洞
Vulnerability Description
Comersus BackOffice是基于ASP实现的开放源代码的网络购物系统。 Comersus BackOffice中的跨站脚本攻击(XSS)漏洞,可让远程攻击者通过comersus_backoffice_supportError.asp的错误参数注入任意Web脚本或HTML。注意:CVE-2005-2191第2项已涵盖了comersus_backoffice_message.asp/消息矢量。
CVSS Information
N/A
Vulnerability Type
N/A