Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Stored Cross-site scripting (XSS) vulnerability in the TP-Link EAP Controller and Omada Controller versions 2.5.4_Windows/2.6.0_Windows allows authenticated attackers to inject arbitrary web script or HTML via the userName parameter in the local user creation functionality. This is fixed in version 2.6.1_Windows.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
TP-Link EAP Controller和Omada Controller 跨站脚本漏洞
Vulnerability Description
TP-Link EAP Controller和Omada Controller都是中国普联(TP-LINK)公司的用于远程控制无线AP接入点设备的软件。 TP-Link EAP Controller和Omada Controller 2.5.4_Windows版本和2.6.0_Windows版本中存在跨站脚本漏洞。远程攻击者可借助本地用户创建功能中的‘userName’参数利用该漏洞注入任意的Web脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A