Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in IDevSpot iSupport 1.8 and earlier allow remote attackers to inject arbitrary web script or HTML via the (a) 5 or (b) 9 field in a post action to ticket_function.php, reachable through ticket_submit.php and index.php; (c) the which parameter to function.php, or (d) the which parameter to index.php, related to knowledgebase_list.php. NOTE: some of these details are obtained from third party information.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
iDevSpot iSupport多个跨站脚本漏洞
Vulnerability Description
IDevSpot iSupport中存在多个跨站脚本漏洞,远程攻击者可以借助ticket_function.php中的一个post操作中的(a)5或(b)9字段,该字段可以通过ticket_submit.php和index.php获得; (c)function.php的which参数,或(d)index.php的which参数,注入任意web脚本或HTML,该漏洞与knowledgebase_list.php相关。
CVSS Information
N/A
Vulnerability Type
N/A