Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in the web based operator client in LiveZilla before 5.1.2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) name of an uploaded file or (2) customer name in a resource created from an uploaded file, a different vulnerability than CVE-2013-7003.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
LiveZilla 跨站脚本漏洞
Vulnerability Description
LiveZilla是德国LiveZilla公司的一套免费的在线客服系统。该系统提供实时监测访客、离线留言、GeoTracking地图跟踪、访问统计、在线聊天等功能。 LiveZilla 5.1.2.1之前的版本中的Webbased Operator Client中存在跨站脚本漏洞。远程攻击者可通过上传文件的名称或上传文件的客户名称,利用该漏洞注入任意Web脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A