Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
There is a Stored XSS vulnerability in the glance node module versions <= 3.0.5. File name, which contains malicious HTML (eg. embedded iframe element or javascript: pseudo-protocol handler in <a> element) allows to execute JavaScript code against any user who opens a directory listing containing such crafted file name.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
glance node模块跨站脚本漏洞
Vulnerability Description
glance node module是一款静态文件服务器。 glance node module 3.0.5及之前版本中存在跨站脚本漏洞。远程攻击者可借助特制的文件名利用该漏洞执行JavaScript代码。
CVSS Information
N/A
Vulnerability Type
N/A