Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in the Help Contents web application (aka the Help Server) in Eclipse IDE, possibly 3.3.2, allow remote attackers to inject arbitrary web script or HTML via (1) the searchWord parameter to help/advanced/searchView.jsp or (2) the workingSet parameter in an add action to help/advanced/workingSetManager.jsp, a different issue than CVE-2010-4647.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Eclipse IDE Help Contents web应用程序多个跨站脚本攻击漏洞
Vulnerability Description
Eclipse IDE 是世界上最流行的 Java 开发 IDE 之一。 Eclipse IDE可能是3.3.2版本中的Help Contents web应用程序(又名Help Server)中存在多个跨站脚本攻击漏洞。远程攻击者可以借助(1)向help/advanced/searchView.jsp传递的searchWord参数,或者(2)在add操作中向help/advanced/workingSetManager.jsp传递的workingSet参数注入任意web脚本或者HTML。
CVSS Information
N/A
Vulnerability Type
N/A