Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component file_manage_view.php via the `activepath`, `keyword`, `tag`, `fmdo=x&filename`, `CKEditor` and `CKEditorFuncNum` parameters.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Desdev DedeCMS 跨站脚本漏洞
Vulnerability Description
Desdev DedeCMS(织梦内容管理系统)是中国卓卓网络(Desdev)公司的一套基于PHP的开源内容管理系统(CMS)。该系统具有内容发布、内容管理、内容编辑和内容检索等功能。 DedeCMS v7.5 SP2 版本存在跨站脚本漏洞,该漏洞源于软件在manage view.php中对于activepath,keyword,tag,fmdo=x&filename,CKEditor和CKEditorFuncNum参数均缺少有效的过滤与转义。
CVSS Information
N/A
Vulnerability Type
N/A