Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in webapp/web/js/scripts/plugins.js in the stats page in the Admin UI in Apache Solr before 5.3.1 allows remote attackers to inject arbitrary web script or HTML via the entry parameter to a plugins/cache URI.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Apache Solr Admin UI 跨站脚本漏洞
Vulnerability Description
Apache Solr是美国阿帕奇(Apache)软件基金会的一款基于Lucene(一个全文检索引擎的架构)的搜索服务器,它支持层面搜索、垂直搜索、高亮显示搜索结果、多种输出格式等。Admin UI是其中的一个管理员和程序员管理Solr配置的Web界面。 Apache Solr 5.3.1之前版本的Admin UI中的状态页面中的webapp/web/js/scripts/plugins.js文件存在跨站脚本漏洞。远程攻击者可借助plugins/cache URI的‘entry’参数利用该漏洞注入任意We
CVSS Information
N/A
Vulnerability Type
N/A