Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in synetics i-doit open 0.9.9-7, i-doit pro 1.0 and earlier, and i-doit pro 1.0.2 when the 'sanitize user input' flag is not enabled, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Synetics i-doit 跨站脚本漏洞
Vulnerability Description
Synetics i-doit是德国Synetics公司的一个基于Web的开源IT文档和CMDB(配置管理数据库),它能够记录IT系统及其变化的信息,同时针对系统变化制定应急方案,最终确保IT网络稳定、高效的运作。 Synetics i-doit open 0.9.9-7版本,i-doit pro 1.0及之前的版本及i-doit pro 1.0.2版本中存在跨站脚本漏洞。当程序未设置‘sanitize user input’标志时,远程攻击者可利用该漏洞注入任意Web脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A