Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
OLIMPOKS under 3.3.39 allows Auth/Admin ErrorMessage XSS. Remote Attacker can use discovered vulnerability to inject malicious JavaScript payload to victim’s browsers in context of vulnerable applications. Executed code can be used to steal administrator’s cookies, influence HTML content of targeted application and perform phishing-related attacks. Vulnerable application used in more than 3000 organizations in different sectors from retail to industries.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
OLIMPOKS 跨站脚本漏洞
Vulnerability Description
OLIMPOKS是俄罗斯olimpoks的一个用于职业培训的移动设备应用。该软件提供提供了在移动设备上进行工业安全(Rostekhnadzor批准的认证区域),劳动保护,劳动保护,民防和紧急情况培训的机会。 OLIMPOKS 5.1.0版本存在跨站脚本漏洞,该漏洞源于Auth/Admin ErrorMessage。
CVSS Information
N/A
Vulnerability Type
N/A