Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site request forgery (CSRF) vulnerabilities in BEdita before 3.1 allow remote attackers to hijack the authentication of administrators for requests that (1) create categories via a data array to news/saveCategories or (2) modify credentials via a data array to admin/saveUser.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Bedita 跨站脚本漏洞
Vulnerability Description
BEdita是意大利Chialab和ChannelWeb公司共同研发的一套用来创建基于语义规则的PHP应用程序和内容管理系统的框架。 BEdita 3.1之前的版本中的news/saveCategories和admin/saveUser URI存在跨站脚本漏洞。远程攻击者可借助特制的‘data[]’数组利用该漏洞创建目录或修改证书。
CVSS Information
N/A
Vulnerability Type
N/A