Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component select_media.php via the `activepath`, `keyword`, `tag`, `fmdo=x&filename`, `CKEditor` and `CKEditorFuncNum` parameters.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Desdev DedeCMS 跨站脚本漏洞
Vulnerability Description
Desdev DedeCMS(织梦内容管理系统)是中国卓卓网络(Desdev)公司的一套基于PHP的开源内容管理系统(CMS)。该系统具有内容发布、内容管理、内容编辑和内容检索等功能。 DedeCMS 存在跨站脚本漏洞,该漏洞源于 DedeCMS v7.5 SP2 被发现通过 activepath、keyword、tag、fmdo=x&filename、CKEditor 和 CKEditorFuncNum 参数在组件 select_media.php 中包含多个跨站点脚本(XSS)漏洞。
CVSS Information
N/A
Vulnerability Type
N/A