Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
OCS Inventory OCS Inventory NG version ocsreports 2.4 contains a Cross Site Scripting (XSS) vulnerability in login form and search functionality that can result in An attacker is able to execute arbitrary (javascript) code within a victims' browser. This attack appear to be exploitable via Victim must open a crafted link to the application. This vulnerability appears to have been fixed in ocsreports 2.4.1.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
OCS Inventory NG 跨站脚本漏洞
Vulnerability Description
OCS Inventory NG(Open Computer and Software Inventory Next Generation)是OCS Inventory团队开发的一套资产管理软件。该软件能够帮助管理员掌握计算机软件安装和配置,以及在HTTP代理和服务器之间实现低网络流量通讯。 OCS Inventory NG ocsreports 2.4版本中的登录表单和搜索功能存在跨站脚本漏洞。远程攻击者可借助特制的链接利用该漏洞执行任意的JavaScript代码。
CVSS Information
N/A
Vulnerability Type
N/A