Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in Kayako SupportSuite - ESupport 3.00.13 and 3.04.10 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to a (1) lostpassword or (2) register action in index.php, (3) unspecified vectors in the Submit form in a submit action in index.php, and (4) the user's name in index.php; and (5) allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors related to the Admin and Staff Control Panel. NOTE: this might issue overlap CVE-2004-1412, CVE-2005-0487, or CVE-2005-0842.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Kayako SupportSuite - Esupport 多个跨站脚本攻击漏洞
Vulnerability Description
Kayako SupportSuite - ESupport 3.00.13和3.04.10版本中存在多个跨站脚本攻击漏洞。远程攻击者可以借助与index.php中的丢失密码或注册操作相关的未明向量,与index.php的提交操作中的提交格式相关的未明向量和index.php中的用户名,注入任意的web脚本或HTML。远程认证用户可以借助与Admin和Staff控制面板相关的未明向量,注入任意的web脚本或HTML。注意:这些向量可能与CVE-2004-1412,CVE-2005-0487或CVE-200
CVSS Information
N/A
Vulnerability Type
N/A