Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
OpenAsset Digital Asset Management (DAM) 12.0.19 and earlier failed to implement access controls on /Stream/ProjectsCSV endpoint, allowing unauthenticated attackers to gain access to potentially sensitive project information stored by the application.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Openasset 跨站脚本漏洞
Vulnerability Description
Openasset是英国Openasset公司的一个为建站行业提供数字资产管理的软件。 OpenAsset Digital Asset Management 存在跨站脚本漏洞,该漏洞源于web应用程序提供了几个端点,允许未经身份验证的数据检索。例如,发现以下端点返回CSV列表,而不需要进行身份验证。
CVSS Information
N/A
Vulnerability Type
N/A