Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in StaticStore Search Engine 1.189A and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified parameters to search.cgi, possibly the keywords parameter. NOTE: this issue was originally disputed by the vendor, but it has since been acknowledged.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
StaticStore Search.CGI跨站脚本漏洞
Vulnerability Description
StaticStore Search Engine 1.189A及更早版本存在跨站脚本攻击漏洞,远程攻击者可以通过search.cgi的未明搜索参数(有可能是关键词参数)注入任意Web脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A