Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In EMC RSA Authentication Manager 8.2 SP1 and earlier, a malicious RSA Security Console Administrator could craft a token profile and store the profile name in the RSA Authentication Manager database. The profile name could include a crafted script (with an XSS payload) that could be executed when viewing or editing the assigned token profile in the token by another administrator's browser session.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
EMC RSA Authentication Manager 跨站脚本漏洞
Vulnerability Description
EMC RSA Authentication Manager是美国易安信(EMC)公司的一套集中式二元身份认证软件。该软件可跨物理站点集中管理二元身份认证、安全令牌、方法和用户等。 EMC RSA Authentication Manager 8.2 SP1及之前的版本中存在跨站脚本漏洞。远程攻击者可通过创建令牌配置文件,并将配置文件名储存在RSA Authentication Manager数据库中利用该漏洞执行脚本。
CVSS Information
N/A
Vulnerability Type
N/A