Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in the Security component of Kohana before 3.3.6 allows remote attackers to inject arbitrary web script or HTML by bypassing the strip_image_tags protection mechanism in system/classes/Kohana/Security.php.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Kohana Security组件跨站脚本漏洞
Vulnerability Description
Kohana是Kohana团队开发的一套基于MVC模型构建的PHP5框架。Security component是其中的一个安全组件。 Kohana 3.3.6之前的版本中的Security组件存在跨站脚本漏洞。远程攻击者可通过绕过system/classes/Kohana/Security.php文件的strip_image_tags保护机制利用该漏洞注入任意的Web脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A