Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
OpenCMS - Stored Cross-Site Scripting (XSS) in Sitemap
Vulnerability Description
In “OpenCMS”, versions 10.5.0 to 11.0.2 are affected by a stored XSS vulnerability that allows low privileged application users to store malicious scripts in the Sitemap functionality. These scripts are executed in a victim’s browser when they open the page containing the vulnerable field.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
Alkacon Software OpenCms 跨站脚本漏洞
Vulnerability Description
Alkacon Software OpenCms是德国Alkacon Software公司的一个专业的、开源的、易于使用的网站内容管理系统。 Alkacon Software OpenCMS 10.5.0至11.0.2版本存在跨站脚本漏洞,该漏洞允许低权限应用程序用户将恶意脚本存储在Sitemap functionality。当受害者打开包含脆弱字段的页面时,这些脚本就会在受害者的浏览器中执行。
CVSS Information
N/A
Vulnerability Type
N/A