Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An XSS issue was discovered in handler_server_info.c in Cherokee through 1.2.104. The requested URL is improperly displayed on the About page in the default configuration of the web server and its administrator panel. The XSS in the administrator panel can be used to reconfigure the server and execute arbitrary commands.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cherokee 跨站脚本漏洞
Vulnerability Description
Cherokee是一款开源的Web服务器。 Cherokee 1.2.104及之前版本中的handler_server_info.c文件存在跨站脚本漏洞,该漏洞源于请求的URL没有正确显示在About页面。攻击者可利用该漏洞重新配置服务器并执行任意命令。
CVSS Information
N/A
Vulnerability Type
N/A