Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Alkacon OpenCMS v10.5.4 and before is affected by stored cross site scripting (XSS) in the module New User (/opencms/system/workplace/admin/accounts/user_new.jsp). This allows an attacker to insert arbitrary JavaScript as user input (First Name or Last Name), which will be executed whenever the affected snippet is loaded.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Alkacon Software OpenCMS New User模块跨站脚本漏洞
Vulnerability Description
Alkacon Software OpenCMS是德国Alkacon Software公司的一套开源的基于Java和XML的内容管理系统(CMS)。该系统支持模板引擎、所见即所得编辑器等。New User是其中的一个用户注册模块。 Alkacon Software OpenCMS 10.5.4及之前版本中的New User模块(/opencms/system/workplace/admin/accounts/user_new.jsp)中存在跨站脚本漏洞。该漏洞源于WEB应用缺少对客户端数据的正确验证。攻击
CVSS Information
N/A
Vulnerability Type
N/A