Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The XMonad.Hooks.DynamicLog module in xmonad-contrib before 0.11.2 allows remote attackers to execute arbitrary commands via a web page title, which activates the commands when the user clicks on the xmobar window title, as demonstrated using an action tag.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
xmonad XMonad.Hooks.DynamicLog模块代码注入漏洞
Vulnerability Description
Xmonad是Xmonad团队开发的一款运行在类Unix操作系统上的平铺式窗口管理器,该管理器具有窗口之间不会被遮挡,并自动调整大小的特点。XMonad.Hooks.DynamicLog是其中的一个第三方扩展。 xmonad-contrib 0.11.1版本和0.11版本的XMonad.Hooks.DynamicLog模块中存在安全漏洞。远程攻击者可借助特制的Web页面标题利用该漏洞执行任意命令。
CVSS Information
N/A
Vulnerability Type
N/A