Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In SiCKRAGE, versions 9.3.54.dev1 to 10.0.11.dev1 are vulnerable to Reflected Cross-Site-Scripting (XSS) due to user input not being validated properly in the `quicksearch` feature. Therefore, an attacker can steal a user's sessionID to masquerade as a victim user, to carry out any actions in the context of the user.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Echel0n SiCKRAGE 跨站脚本漏洞
Vulnerability Description
Echel0n SiCKRAGE是Echel0n开源的一个应用程序。一个电视节目的自动视频库管理器。 SiCKRAGE 9.3.54.dev1至10.0.11.dev1版本存在跨站脚本漏洞,该漏洞源于服务器在处理用户输入时没有正确验证用户输入。攻击者可利用该漏洞可以在应用程序中注入任意JavaScript代码,并可能窃取用户的敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A