漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
Anyplace version before commit 80359b4 contains a XML External Entity (XXE) vulnerability in Man in the middle on map API call that can result in Disclosure of confidential data, denial of service, SSRF, port scanning. This vulnerability appears to have been fixed in after commit 80359b4.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Anyplace 安全漏洞
Vulnerability Description
Anyplace是一款室内导航服务。 Anyplace commit 80359b4之前版本中GMapV2Direction.java文件存在XML外部实体注入漏洞。攻击者可通过实施中间人攻击利用该漏洞泄露敏感数据,造成拒绝服务,实施服务器端请求伪造攻击或扫描端口。
CVSS Information
N/A
Vulnerability Type
N/A