Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in TWiki 6.0.1 allow remote attackers to inject arbitrary web script or HTML via the (1) QUERYSTRING variable in lib/TWiki.pm or (2) QUERYPARAMSTRING variable in lib/TWiki/UI/View.pm, as demonstrated by the QUERY_STRING to do/view/Main/TWikiPreferences.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
TWiki 跨站脚本漏洞
Vulnerability Description
TWiki是美国软件开发者Peter Thoeny所研发的一套基于Perl语言的开源Wiki程序,是一个基于Web的网站协作平台,它可用于项目开发管理、文档管理、知识库管理以及其他协作工作。 TWiki 6.0.1版本中存在跨站脚本漏洞。远程攻击者可借助lib/TWiki.pm文件中的‘QUERYSTRING’变量或lib/TWiki/UI/View.pm文件中的‘QUERYPARAMSTRING’变量利用该漏洞注入任意Web脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A