Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
GitBook is a command line tool (and Node.js library) for building beautiful books using GitHub/Git and Markdown (or AsciiDoc). Stored Cross-Site-Scripting (XSS) is possible in GitBook before 3.2.2 by including code outside of backticks in any ebook. This code will be executed on the online reader.
CVSS Information
N/A
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
GitBook online reader 跨站脚本漏洞
Vulnerability Description
GitBook是一款在线发布和托管图书的命令行工具。online reader是其中的一个在线阅读模块。 GitBook 3.2.2之前版本中的online reader存在跨站脚本漏洞,该漏洞源于程序没有正确的过滤用户的输入。远程攻击者可利用该漏洞在该阅读器上执行代码。
CVSS Information
N/A
Vulnerability Type
N/A