Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in the DisplayEntityField.getDescription method in ModelFormField.java in Apache OFBiz before 12.04.06 and 13.07.x before 13.07.03 allows remote attackers to inject arbitrary web script or HTML via the description attribute of a display-entity element.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Apache OFBiz 跨站脚本漏洞
Vulnerability Description
Apache OFBiz(又名Apache Open For Business Project)是美国阿帕奇(Apache)软件基金会的一套企业资源计划(ERP)系统。该系统提供了一整套基于Java的Web应用程序组件和工具。 Apache OFBiz 12.04.06之前版本和13.07.03之前13.07.x版本的ModelFormField.java文件中的DisplayEntityField.getDescription方法中存在跨站脚本漏洞。远程攻击者可借助display-entity元素的de
CVSS Information
N/A
Vulnerability Type
N/A