Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in ToutVirtual VirtualIQ Pro 3.2 build 7882 and 3.5 build 8691 allow remote attackers to inject arbitrary web script or HTML via the (1) userId parameter to tvserver/server/user/setPermissions.jsp, (2) deptName parameter to tvserver/server/user/addDepartment.jsp, (3) ID parameter to tvserver/server/inventory/inventoryTabs.jsp, (4) reportName parameter to tvserver/reports/virtualIQAdminReports.do, or (5) middleName parameter in a save action to tvserver/user/user.do.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ToutVirtual VirtualIQ 多个跨站脚本攻击漏洞
Vulnerability Description
ToutVirtual的 VirtualIQ一项监控管理中大型企业的在线虚拟世界的复合产品系列。 ToutVirtual VirtualIQ 存在多个跨站脚本攻击(XSS)漏洞,远程攻击者可通过(1)tvserver/server/user/setPermissions.jsp的userID参数,(2)tvserver/server/user/addDepartment.jspd deptName参数,(3)tvserver/server/inventory/inventoryTabs.jsp的ID参数,
CVSS Information
N/A
Vulnerability Type
N/A