Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in hsweb 3.0.4. It is a reflected XSS vulnerability due to the absence of type parameter checking in FlowableModelManagerController.java.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
hsweb 跨站脚本漏洞
Vulnerability Description
hsweb是一套用于快速搭建企业网站后台管理系统的项目,它集成了在线代码生成、权限管理、单点登录和动态多数据源分布式事务处理等功能。 hsweb 3.0.4版本中存在跨站脚本漏洞,该漏洞源于在FlowableModelManagerController.java文件中,程序没有检查‘type’参数。远程攻击者可利用该漏洞注入任意的Web脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A