Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in Storytlr 1.3.dev and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter to search/.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Storytlr 跨站脚本漏洞
Vulnerability Description
Storytlr是一套开源的微博和生活流(Lifestreaming,是一种在线记录个人日常活动的网络应用)系统。该系统支持单用户和多用户两种模式。 Storytlr 1.3.dev及之前版本中存在跨站脚本漏洞,该漏洞源于search/ URI没有充分过滤‘search’参数。远程攻击者可利用该漏洞注入任意Web脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A