漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in the cleanup_urls function in forum/utils/html.py in OSQA before 1234, and 0.9.0 Beta 3 and earlier, allows remote attackers to inject arbitrary web script or HTML via vectors related to a crafted URI.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
OSQA ‘forum/utils/html.py’ 跨站脚本漏洞
Vulnerability Description
OSQA 1234之前版本和0.9.0 Beta 3及之前版本中的forum/utils/html.py的cleanup_urls函数中存在跨站脚本漏洞(XSS)。远程攻击者可利用该漏洞借助与特制URL相关的向量,注入任意web脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A