Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Staging Webservice ("sitecore modules/staging/service/api.asmx") in Sitecore Staging Module 5.4.0 rev.080625 and earlier allows remote attackers to bypass authentication and (1) upload files, (2) download files, (3) list directories, and (4) clear the server cache via crafted SOAP requests with arbitrary Username and Password values, possibly related to a direct request.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Sitecore CMS Staging Service 'api.asmx'验证绕过漏洞
Vulnerability Description
Sitecore Staging模块中的Staging Webservice ("sitecore modules/staging/service/api.asmx"),允许远程攻击者借助任意用户名和密码值的SOAP请求绕过验证并(1)上载文件,(2)下载文件,(3)列出目录,并且(4)清除服务器缓冲,可能与一个直接请求相关。
CVSS Information
N/A
Vulnerability Type
N/A