Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in Sage DPW 2020_06_x before 2020_06_002. The search field "Kurs suchen" on the page Kurskatalog is vulnerable to Reflected XSS. If the attacker can lure a user into clicking a crafted link, he can execute arbitrary JavaScript code in the user's browser. The vulnerability can be used to change the contents of the displayed site, redirect to other sites, or steal user credentials. Additionally, users are potential victims of browser exploits and JavaScript malware.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Sage DPW 跨站脚本漏洞
Vulnerability Description
Sage DPW是德国sage的一个人力资源系统。 Sage DPW版本2020 06 000版本和2020 06 001版本存在跨站脚本漏洞,该漏洞源于遭受跨站点脚本和未经认证的恶意文件上传漏洞。
CVSS Information
N/A
Vulnerability Type
N/A