Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in header.php in Ganglia Web 3.5.8 and 3.5.10 allows remote attackers to inject arbitrary web script or HTML via the host_regex parameter to the default URI, which is processed by get_context.php.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Ganglia Web ‘get_context.php’跨站脚本漏洞
Vulnerability Description
Ganglia Web是一套开源的集群系统监视应用程序,它可监视CPU、内存、硬盘利用率、I/O负载、网络流量情况等,以及通过曲线的方式查看每个节点的工作状态。 Ganglia Web 3.5.8和3.5.10版本中的header.php脚本中存在跨站脚本漏洞,该漏洞源于应用程序没有验证get_context.php脚本中的GET变量。远程攻击者可借助特制的‘host_regex’参数利用该漏洞注入任意Web脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A