Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cross-site scripting in Hitachi ABB Power Grids Ellipse EAM
Vulnerability Description
An attacker could exploit this vulnerability in Hitachi ABB Power Grids Ellipse Enterprise Asset Management (EAM) versions prior to and including 9.0.25 by tricking a user to click on a link containing malicious code that would then be run by the web browser. This can result in the compromise of confidential information, or even the takeover of the user’s session.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
Ellipse Enterprise Asset Management跨站脚本漏洞
Vulnerability Description
Ellipse Enterprise Asset Management(Ellipse EAM)是英国Ellipse的工业设备提供一个业务流程管理软件 Ellipse Enterprise Asset Management 存在跨站脚本漏洞,该漏洞源于攻击者可利用该漏洞欺骗用户点击包含恶意代码的链接,然后通过web浏览器运行这些代码。
CVSS Information
N/A
Vulnerability Type
N/A