Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in index.php in SunHater KCFinder 3.11 and earlier allows remote attackers to inject arbitrary web script or HTML via (1) file or (2) directory (folder) name of an uploaded file.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
CKSource SunHater KCFinder 跨站脚本漏洞
Vulnerability Description
CKSource CKEditor(前称FCKeditor)是波兰CKSource公司的一套开源的、基于网页的文字编辑器。SunHater KCFinder是其中的一个文件管理器插件,该插件可上传、浏览和管理图片、Flash动画以及其他文件。 CKSource SunHater KCFinder 3.11及之前版本的index.php脚本中存在跨站脚本漏洞。远程攻击者可借助上传‘file’或‘directory’名称的文件利用该漏洞注入任意Web脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A