Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
esigate.org esigate version 5.2 and earlier contains a CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in ESI directive with user specified XSLT that can result in Remote Code Execution. This attack appear to be exploitable via Use of another weakness in backend application to reflect ESI directives. This vulnerability appears to have been fixed in 5.3.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
esigate 注入漏洞
Vulnerability Description
esigate是一款用于整合多个应用程序的工具包。 esigate 5.2及之前版本中存在注入漏洞。远程攻击者可利用该漏洞执行代码。
CVSS Information
N/A
Vulnerability Type
N/A