Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in UserLand Manila allow remote attackers to inject arbitrary web script or HTML (1) via the referer parameter in sendMail, and via attributes of (2) the A element and certain other HTML elements in web pages edited with the editInBrowser module. NOTE: the msgReader$1 mode attack vector is already covered by CVE-2006-1769.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
UserLand Manila 多个跨站脚本攻击漏洞
Vulnerability Description
UserLand Manila存在多个跨站脚本攻击漏洞。这使得远程攻击者可以借助于(1)sendMail中的referer参数及(2)使用editInBrowser模块编辑的web页面中的A元素和某些其他HTML元素的属性注入任意Web脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A