Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Elefant CMS Title Persistent cross site scriting
Vulnerability Description
A vulnerability, which was classified as problematic, has been found in Elefant CMS 1.3.12-RC. Affected by this issue is some unknown functionality of the component Title Handler. The manipulation with the input </title><img src=no onerror=alert(1)> leads to basic cross site scripting (Persistent). The attack may be launched remotely. Upgrading to version 1.3.13 is able to address this issue. It is recommended to upgrade the affected component.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
Vulnerability Type
Web页面中脚本相关HTML标签转义处理不恰当(基本跨站脚本)
Vulnerability Title
Elefant CMS 跨站脚本漏洞
Vulnerability Description
Elefant CMS是加拿大John de Plume个人开发者的一个简单 PHP 内容管理系统和 Web 框架。 Elefant CMS 1.3.12-RC 版本存在跨站脚本漏洞,远程攻击者利用该漏洞可执行基本的跨站点脚本(持久)攻击。
CVSS Information
N/A
Vulnerability Type
N/A