Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in Identity Server in Progress Sitefinity CMS versions 10.0 through 11.0 allows remote attackers to inject arbitrary web script or HTML via vectors related to login request parameters, a different vulnerability than CVE-2018-17054.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Progress Sitefinity CMS Identity Server 跨站脚本漏洞
Vulnerability Description
Progress Sitefinity CMS是一套开源的用于构建企业网站以及企业内部网络的平台。Identity Server是其中的一个认证服务器。 Progress Sitefinity CMS 10.0版本至11.0版本中的Identity Server存在跨站脚本漏洞。远程攻击者可利用该漏洞注入任意的Web脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A