Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in a ZCC page in njwc.jar in Novell ZENworks Configuration Management (ZCM) 11.2 before 11.2.3a Monthly Update 1 allows remote attackers to inject arbitrary web script or HTML via vectors involving an onError event.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Novell ZENworks Configuration Management 反射XSS跨站脚本漏洞
Vulnerability Description
Novell ZENworks Configuration Management(ZCM)是美国Novell公司的一套配置管理解决方案。该方案可借助集成工具,在物理、虚拟和云环境中实现IT管理和业务流程的自动化。 Novell ZENworks Configuration Management (ZCM) 11.2.3a Monthly Update 1之前的11.2版本中的njwc.jar中的ZCC页面中存在跨站脚本漏洞。远程攻击者可通过包含onload事件的向量利用该漏洞注入任意Web脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A