Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in the note-creation page in QPR Portal 2014.1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) title or (2) body field.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
QPR Software Suite Portal 跨站脚本漏洞
Vulnerability Description
QPR Software Suite是芬兰QPR Software公司的一款业务管理和绩效管理产品套件。QPR Portal是其中的一个提供了全屏幕模式介绍综合导航选项、复制示意图位置链接和在单独窗口中打开嵌入式附件等功能的门户产品。 QPR Software Suite Portal 2014.1.1及之前版本的note-creation页面中存在跨站脚本漏洞。远程攻击者可借助‘title’或‘body’字段利用该漏洞注入任意Web脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A