Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
TOBESOFT XPLATFORM arbitrary hta file execution vulnerability
Vulnerability Description
Improper input validation vulnerability exists in TOBESOFT XPLATFORM which could cause arbitrary .hta file execution when the command string is begun with http://, https://, mailto://
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
输入验证不恰当
Vulnerability Title
Tobesoft Xplatform 输入验证错误漏洞
Vulnerability Description
Tobesoft Xplatform是韩国Tobesoft公司的一套应用程序开发平台。该平台支持表单和复合组件继承功能、CSS自动设置功能以及多文档界面等功能。 TOBESOFT XPLATFORM 存在输入验证错误漏洞,该漏洞源于当命令字符串以http:, https:, mailto:开始时,会导致任意的.hta文件执行。
CVSS Information
N/A
Vulnerability Type
N/A