Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An XSS issue was discovered in Inhaltsprojekte in Weblication CMS Core & Grid v12.6.24. The vulnerability is located in the `wFilemanager.php` and `index.php` files of the `/grid5/scripts/` modules. The injection point is located in the Project `Title` and the execution point occurs in the `Inhaltsprojekte` output listing section. Remote attackers with privileged user accounts are able to inject their own malicious script code with a persistent attack vector to compromise user session credentials or to manipulate the affected web-application module output context. The request method to inject is POST.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Weblication CMS Core & Grid ‘/grid5/scripts/’模块跨站脚本漏洞
Vulnerability Description
Weblication CMS Core & Grid是一套支持拖放式创建网站的内容管理系统(CMS)。 Weblication CMS Core & Grid 12.6.24版本中的‘/grid5/scripts/’模块的wFilemanager.php和index.php文件存在跨站脚本漏洞。远程攻击者可通过发送POST请求利用该漏洞注入恶意的脚本代码,从而控制用户会话凭证或操纵受影响Web应用程序的内容。
CVSS Information
N/A
Vulnerability Type
N/A