Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in Interchange 5.7 before 5.7.1, 5.6 before 5.6.1, and 5.4 before 5.4.3 allow remote attackers to inject arbitrary web script or HTML via (1) the mv_order_item CGI variable parameter in Core, (2) the country-select widget, or (3) possibly the value specifier when used in the UserTag feature.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Icdevgroup Interchange多个跨站脚本攻击漏洞
Vulnerability Description
Interchange中存在多个跨站脚本攻击漏洞。远程攻击者可以通过(1) Core中的mv_order_item CGI 变量参数, (2) country-select 窗口小部件, 或 (3)在 UserTag部件中运行时的估值说明,注入任意web脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A