Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A Stored XSS vulnerability has been discovered in version 4.1.0 of AlchemyCMS via the /admin/pictures image field. NOTE: the vendor's position is that this is not a valid report: "The researcher used an authorized cookie to perform the request to a password-protected route. Without that session cookie, the request would have been rejected as unauthorized."
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Alchemy CMS 跨站脚本漏洞
Vulnerability Description
Alchemy CMS是Alchemy CMS团队的一套使用Rails语言编写的开源内容管理系统(CMS)。 Alchemy CMS 4.1.0版本中存在跨站脚本漏洞。远程攻击者可通过/admin/pictures页面发送image字段利用该漏洞注入任意的Web脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A