Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in the user account creation feature in Exponent CMS 0.96.6-GA20071003 and earlier, when the Allow Registration? configuration option is enabled, allow remote attackers to inject arbitrary web script or HTML via the (1) username, (2) firstname, (3) lastname, and (4) e-mail address fields. NOTE: some of these details are obtained from third party information.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Exponent CMS 跨站脚本攻击漏洞
Vulnerability Description
Exponent CMS 0.96.6-GA20071003及其早期版本的用户帐户创建部件中的多个跨站脚本攻击漏洞, 在Allow Registration? 配置选项被激活的时候, 远程攻击者通过(1) 用户名, (2) 名, (3) 姓, 和(4) e-mail 地址字段来注入任意web脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A