Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in SearchBlox before 8.2 allow remote attackers to inject arbitrary web script or HTML via (1) the search field in plugin/index.html or (2) the title field in the Create Featured Result form in admin/main.jsp.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
SearchBlox 跨站脚本漏洞
Vulnerability Description
SearchBlox是美国SearchBlox公司的一套开源免费的基于Lucene(全文检索引擎工具包)构建的企业搜索和分析解决方案。该方案提供一个基于Web的管理界面,可以管理整个搜索系统。 SearchBlox 8.2之前版本中存在跨站脚本漏洞。远程攻击者可借助plugin/index.html页面中的‘search’字段或admin/main.jsp脚本中的Create Featured Result表单中的‘title’字段利用该漏洞注入任意Web脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A