Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in the tb-send.rb (TrackBack transmission) plugin in tDiary 2.2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unknown vectors, possibly related to the (1) plugin_tb_url and (2) plugin_tb_excerpt parameters.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
tDiary tb-send.rb插件 跨站脚本攻击漏洞
Vulnerability Description
tDiary是一个基于Ruby和mod_ruby的类似weblog的软件。 tDiary的tb-send.rb (TrackBack transmission)插件中存在跨站脚本攻击漏洞。远程攻击者可以借助未明向量,执行跨站脚本攻击,导致任意web脚本或HTML注入,这些未明向量可能与(1) plugin_tb_url 和(2) plugin_tb_excerpt 参数相关联。
CVSS Information
N/A
Vulnerability Type
N/A