Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in the Cross Reference Add-on 36 for Google Docs. Stored XSS in the preview boxes in the configuration panel may allow a malicious user to use both label text and references text to inject arbitrary JavaScript code (via SCRIPT elements, event handlers, etc.). Since this code is stored by the plugin, the attacker may be able to target anyone who opens the configuration panel of the plugin.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cross Reference Add-on 36 for Google Docs 跨站脚本漏洞
Vulnerability Description
Cross Reference Add-on 36 for Google Docs是一个开源的使用在GoogleDocs中的附加组件。该产品可自动对图形和更新等元素进行编号,并对文本内容进行格式化引用。 Cross Reference Add-on for Google Docs 36版本中的配置面板的预览框存在跨站脚本漏洞。远程攻击者可借助标签和参考文本框利用该漏洞注入任意的JavaScript代码。
CVSS Information
N/A
Vulnerability Type
N/A