Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in cgi-bin/tag_m.cgi in Ex Libris ALEPH 500 (Integrated library management system) 18.1 and 20 allow remote attackers to inject arbitrary web script or HTML via the (1) find, (2) lib, or (3) sid parameter.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Ex Libris ALEPH 500 跨站脚本漏洞
Vulnerability Description
Ex Libris ALEPH 500是以色列艾利贝斯(Ex Libris)公司的一套图书馆自动化集成系统。该系统以Oracle数据库为后台,并包含有联机公共查询目录、编目及规范控制、册件管理等模块。 Ex Libris ALEPH 500 (集成库管理系统) 18.1版本和20版本中的tag_m.cgi脚本存在跨站脚本漏洞,该漏洞源于程序没有正确验证用户输入。远程攻击者可借助特制URL利用该漏洞注入任意Web脚本和HTML。
CVSS Information
N/A
Vulnerability Type
N/A