Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site Scripting (XSS) in Telaen before 1.3.1 allows remote attackers to inject arbitrary web script or HTML via the "f_email" parameter in index.php.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Telaen 跨站脚本漏洞
Vulnerability Description
Telaen是一个由PHP开发基于Web的电子邮件客户端。该客户端运行在任何支持PHP的Email服务器下,不需要数据库支持,兼容POP3和IMAP协议。 Telaen 1.3.1之前版本中的index.php脚本存在跨站脚本漏洞,该漏洞源于程序没有正确验证用户输入。远程攻击者可借助特制URL中的‘f_email’参数利用该漏洞注入任意Web脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A