Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in Trend Micro Control Manager (TMCM) 3.5 allows remote attackers to inject arbitrary web script or HTML via the username field on the login page, which is not properly sanitized before being displayed in the error log.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Trend Micro Control Manager 访问日志 跨站脚本攻击漏洞
Vulnerability Description
Trend Micro Control Manager(TMCM)是美国趋势科技(Trend Micro)公司的一套集成了威胁检测和数据保护的管理中心软件。 TMCM在通过管理控制台显示审计日志时没用过滤日志内容,攻击者可以向登录页面的用户名字段注入脚本,当受害用户打开日志的时候,就会导致在浏览器中执行脚本代码。
CVSS Information
N/A
Vulnerability Type
N/A