Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in the Contact Details functionality in Yahoo! Messenger 8.1.0.209 and earlier allow user-assisted remote attackers to inject arbitrary web script or HTML via a javascript: URI in the SRC attribute of an IMG element to the (1) First Name, (2) Last Name, and (3) Nickname fields. NOTE: some of these details are obtained from third party information.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Yahoo! Messenger Notification Message HTML注入漏洞
Vulnerability Description
Yahoo! Messenger 8.1.0.209版本及其早期版本的Contact Details函数中存在多个跨站脚本攻击漏洞。allow 用户协助式的远程攻击者可以借助一个javascript:对(1)名,(2)姓,和(3)绰号字段的IMG元件的SRC属性的URI,注入任意web脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A