Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in Lycos Tripod htmlGEAR guestGEAR (aka Guest Gear) allows remote attackers to inject arbitrary web script or HTML via a guestbook post containing a javascript URI in the SRC attribute of the BR element after an extra "iframe" tagname within that element, followed by a double ">", which might bypass cleansing operations.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Lycos Tripod htmlGEAR guestGEAR 跨站脚本攻击(XSS)漏洞
Vulnerability Description
Lycos Tripod htmlGEAR guestGEAR (Guest Gear)存在跨站脚本攻击(XSS)漏洞,远程攻击者可通过留言簿提交的内容(其中含有在元素内的额外"iframe"标签名之后的BR元素的SRC属性中的javascript URI,元素之后跟着一个双">",可能绕过净化操作)来注入任意Web脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A