Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in Progress Telerik UI for ASP.NET AJAX 2021.1.224. It allows unauthorized access to MicrosoftAjax.js through the Telerik.Web.UI.WebResource.axd file. This may allow the attacker to gain unauthorized access to the server and execute code. To exploit, one must use the parameter _TSM_HiddenField_ and inject a command at the end of the URI. NOTE: the vendor states that this is not a vulnerability. The request's output does not indicate that a "true" command was executed on the server, and the request's output does not leak any private source code or data from the server
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Progress Telerik UI for ASP.NET AJAX 安全漏洞
Vulnerability Description
Progress Telerik UI for ASP.NET AJAX是一款HTML编辑器。 ASP.NET AJAX 2021.1.224 存在安全漏洞,攻击者可利用该漏洞获得对服务器的未授权访问并执行代码。
CVSS Information
N/A
Vulnerability Type
N/A