Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in Issuetracker phpBugTracker before 1.7.0 allow remote authenticated users to inject arbitrary web script or HTML via the (1) project name parameter to project.php; the (2) use_js parameter to user.php; the (3) use_js parameter to group.php; the (4) Description parameter to status.php; the (5) Description parameter to severity.php; the (6) Regex parameter to os.php; or the (7) Name parameter to database.php.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Issuetracker phpBugTracker 跨站脚本漏洞
Vulnerability Description
Issuetracker phpBugTracker是一套基于Web的缺陷跟踪系统。该系统提供项目管理及缺陷跟踪服务等功能。 Issuetracker phpBugTracker 1.7.0之前的版本中存在跨站脚本漏洞。远程攻击者可借助多种方法利用该漏洞注入任意的Web脚本或HTML。(多种方法包括:(1)向project.php文件发送‘project name’参数、(2)向user.php文件的‘use_js’参数、(3)向group.php文件发送‘use_js’参数、(4)向status.php
CVSS Information
N/A
Vulnerability Type
N/A