Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in widget/screen/ModelScreenWidget.java in Apache Open For Business Project (aka OFBiz) 10.04.x before 10.04.05, 11.04.01, and possibly 09.04.x allow remote authenticated users to inject arbitrary web script or HTML via the (1) Screenlet.title or (2) Image.alt Widget attribute, as demonstrated by the parentPortalPageId parameter to exampleext/control/ManagePortalPages.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Apache OFBiz 多个跨站脚本漏洞
Vulnerability Description
Apache Open For Business Project(也称OFBiz)是美国阿帕奇(Apache)软件基金会的一套企业资源计划(ERP)系统。该系统提供了一整套基于Java的Web应用程序组件和工具。 Apache Open For Business Project 10.04.05之前的10.04.x版本,11.04.01版本,09.04.x版本中的widget/screen/ModelScreenWidget.java文件中存在两个跨站脚本漏洞,该漏洞源于Screenlet.title和I
CVSS Information
N/A
Vulnerability Type
N/A