Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Squirro Insights Engine was affected by a Reflected Cross-Site Scripting (XSS) vulnerability affecting versions 2.0.0 up to and including 3.2.4. An attacker can use the vulnerability to inject malicious JavaScript code into the application, which will execute within the browser of any user who views the relevant application content. The attacker-supplied code can perform a wide variety of actions, such as stealing victims' session tokens or login credentials, performing arbitrary actions on their behalf, and logging their keystrokes.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Squirro Insights Engine 跨站脚本漏洞
Vulnerability Description
Squirro Insights Engine是瑞士Squirro公司的一个应用软件。提供最相关的数据直接或通过工作台集成信号源和显示他们语境的见解。 Squirro Insights Engine存在安全漏洞,攻击者可利用该漏洞提供的代码可以执行各种各样的操作,例如窃取受害者的会话令牌或登录凭证,代表他们执行任意操作,并记录他们的按键。
CVSS Information
N/A
Vulnerability Type
N/A