Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in LiveZilla before 5.1.2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) full name field, (2) company field, or (3) filename to chat.php.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
LiveZilla 跨站脚本漏洞
Vulnerability Description
LiveZilla是德国LiveZilla公司的一套免费的在线客服系统。该系统提供实时监测访客、离线留言、GeoTracking地图跟踪、访问统计、在线聊天等功能。 LiveZilla 5.1.1.0及之前的版本中存在跨站脚本漏洞,该漏洞源于脚本没有充分过滤‘full name’和‘company’字段及文件名。远程攻击者可利用该漏洞注入任意Web脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A