Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Creammonkey 0.9 through 1.1 and GreaseKit 1.2 through 1.3 does not properly prevent access to dangerous functions, which allows remote attackers to read the configuration, modify the configuration, or send an HTTP request via the (1) GM_addStyle, (2) GM_log, (3) GM_openInTab, (4) GM_setValue, (5) GM_getValue, or (6) GM_xmlhttpRequest function within a web page on which a userscript is configured.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Creammonkey/GreaseKit 安全设置漏洞
Vulnerability Description
从0.9到1.1版本的Creammonkey和从1.2到1.3版本的GreaseKit没有恰当地阻止危险功能,这允许远程攻击者通过以下几种方式查看并修改配置:(1)GM_addstlye,(2)GM_log,(3)GM_openInTab,(4)GM_setValue,(5)GM_getValue,(6)GM_xmlhttpRequest function。
CVSS Information
N/A
Vulnerability Type
N/A