Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in ow.asp in OpenWiki 0.78 allows remote attackers to inject arbitrary web script or HTML via the p parameter. NOTE: this issue has been disputed by the vendor and a third party who is affiliated with the product. The vendor states "You cannot insert code in a wikipage or via URL parameters as they are all escaped before usage, so nothing can be compromised at other sites.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Open Wiki 'ow.asp' 跨站脚本攻击漏洞
Vulnerability Description
** 有争议 ** OpenWiki 0.78的ow.asp中存在跨站脚本攻击(XSS)漏洞。 远程攻击者可以借助 p 参数注入任意Web脚本或HTML。 注: 厂商和与产品有关的第三方对此问题提出反驳。厂商宣称"你不能在wikipage当中或通过URL参数插入代码,因为它们在使用前已经全部逸出,因此不会对其他站点造成任何危害。"
CVSS Information
N/A
Vulnerability Type
N/A