Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
FreshDNS version 1.0.3 and prior contains a Cross Site Scripting (XSS) vulnerability in Account data form; Zone editor that can result in Execution of attacker's JavaScript code in victim's session. This attack appear to be exploitable via The attacker stores a specially crafted string as their Full Name in their account details. The victim (e.g. the administrator of the FreshDNS instance) opens the User List in the admin interface.. This vulnerability appears to have been fixed in 1.0.5 and later.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
FreshDNS 跨站脚本漏洞
Vulnerability Description
FreshDNS是一款基于FreshDNS AJAX的PowerDNS(域名服务器)管理系统。 FreshDNS 1.0.3及之前版本中的Account数据表单存在跨站脚本漏洞。远程攻击者可通过在用户详情中将特制的字符串存储到Full Name利用该漏洞在用户会话中执行JavaScript代码。
CVSS Information
N/A
Vulnerability Type
N/A