Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in ajaxRequest/methodCall.do in Tripwire Enterprise 8.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) m_target_class_name, (2) m_target_method_name, or (3) m_request_context_params parameters.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Tripwire Enterprise 跨站脚本漏洞
Vulnerability Description
Tripwire Enterprise是美国Tripwire公司的一套网络数据信息完整性安全保护软件。该软件能够监控各种平台的服务器、网络设备、应用软件中的文件数据和配置信息的变化,并通过邮件或者短信方式通知系统管理员进行处理。 Tripwire Enterprise 8.2及之前的版本中的ajaxRequest/methodCall.do文件中存在跨站脚本漏洞。远程攻击者可借助‘m_target_class_name’,‘m_target_method_name’或‘m_request_context_
CVSS Information
N/A
Vulnerability Type
N/A