Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in content.aspx in Ektron CMS 8.7 before 8.7.0.055 allows remote authenticated users to inject arbitrary web script or HTML via the category0 parameter, which is not properly handled when displaying the Subjects tab in the View Properties menu option.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Ektron CMS content.aspx脚本跨站脚本漏洞
Vulnerability Description
Ektron CMS是美国Ektron公司的一套企业级Web内容管理系统(CMS)。该系统支持所见即所得编辑器、内容布局和拖拽操作等。 Ektron CMS 8.7.0版本的content.aspx脚本存在跨站脚本漏洞,该漏洞源于当在View Properties菜单选项中显示Subjects标签时,存在错误。远程攻击者可借助‘category0’参数利用该漏洞注入任意Web脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A