Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A stored XSS vulnerability was discovered in the ECT Provider in OutSystems before 2020-09-04, affecting generated applications. It could allow an unauthenticated remote attacker to craft and store malicious Feedback content into /ECT_Provider/, such that when the content is viewed (it can only be viewed by Administrators), attacker-controlled JavaScript will execute in the security context of an administrator's browser. This is fixed in Outsystems 10.0.1005.2, Outsystems 11.9.0 Platform Server, and Outsystems 11.7.0 LifeTime Management Console.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Outsystems OutSystems Platform 跨站脚本漏洞
Vulnerability Description
Outsystems OutSystems Platform是美国OutSystems(Outsystems)公司的一套企业级低代码开发平台。该平台主要用于应用程序的可视化开发。 OutSystems Platform 存在跨站脚本漏洞,该漏洞源于 OutSystems 的 ECT Provider 中发现了存储型 XSS 漏洞,影响生成的应用程序。
CVSS Information
N/A
Vulnerability Type
N/A