Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Reflected XSS vulnerability in Shaarli v0.9.1 allows an unauthenticated attacker to inject JavaScript via the searchtags parameter to index.php. If the victim is an administrator, an attacker can (for example) take over the admin session or change global settings or add/delete links. It is also possible to execute JavaScript against unauthenticated users.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Shaarli 跨站脚本漏洞
Vulnerability Description
Shaarli是法国Sebsauvage项目的一套网站克隆工具。 Shaarli 0.9.1版本中存在跨站脚本漏洞。远程攻击者可通过向index.php文件发送‘searchtags’参数注入JavaScript代码。
CVSS Information
N/A
Vulnerability Type
N/A