漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
IBM API Connect 5.0.0.0 through 5.0.8.10 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. By sending a specially crafted HTTP request, a remote attacker could exploit this vulnerability to inject HTTP HOST header, which will allow the attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 187194.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM API Connect 跨站脚本漏洞
Vulnerability Description
IBM API Connect(APIConnect)是美国IBM公司的一套用于管理API生命周期的集成解决方案。该产品支持创建、运行、管理和保护API和微服务等。 IBM API Connect 5.0.0.0至5.0.8.10版本存在跨站脚本漏洞,该漏洞源于产品的host报头未对输入信息做有效验证。攻击者可通过发送特制的HTTP请求导致目标跨站脚本攻击、缓存投毒、会话劫持等。
CVSS Information
N/A
Vulnerability Type
N/A