Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in the addItem method in the Menu widget in YUI before 2.9.0 allows remote attackers to inject arbitrary web script or HTML via a field that is added to a menu, related to documentation that specifies this field as a text field rather than an HTML field, a similar issue to CVE-2010-4569 and CVE-2010-4570.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Yahoo YUI Menu部件addItem方法跨站脚本攻击漏洞
Vulnerability Description
YUI是美国雅虎(Yahoo!)公司的一个开源的JavaScript和CSS库,它的作用是创建交互式Web应用程序。 YUI 2.9.0之前版本中的Menu部件的addItem方法中存在跨站脚本攻击漏洞。远程攻击者可以借助添加菜单字段注入任意web脚本或者HTML。该漏洞与将该字段识别为文本而不是HTML字段的文档有关。
CVSS Information
N/A
Vulnerability Type
N/A