Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to kvm.cgi or (2) the key parameter to avctalert.php.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM 1754 GCM16和GCM32 Global Console Managers 跨站脚本漏洞
Vulnerability Description
IBM 1754 GCM16和GCM32 Global Console Managers(GCM)都是美国IBM公司的1754系列KVM切换器产品。该产品支持AES加密、LDAP和智能卡/通用访问卡(CAC)读取器等,可实现集中式身份验证和本地或远程系统访问。 使用1.20.20.23447之前版本固件的IBM 1754 GCM16和GCM32 GCM交换机中存在跨站脚本漏洞,该漏洞源于kvm.cgi文件没有充分过滤‘query’字符串,avctalert.php脚本没有充分过滤‘key’参数。远程攻击者
CVSS Information
N/A
Vulnerability Type
N/A