Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
i-doit before 1.16.0 is affected by Stored Cross-Site Scripting (XSS) issues that could allow remote authenticated attackers to inject arbitrary web script or HTML via C__MONITORING__CONFIG__TITLE, SM2__C__MONITORING__CONFIG__TITLE, C__MONITORING__CONFIG__PATH, SM2__C__MONITORING__CONFIG__PATH, C__MONITORING__CONFIG__ADDRESS, or SM2__C__MONITORING__CONFIG__ADDRESS.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Synetics i-doit 跨站脚本漏洞
Vulnerability Description
Synetics i-doit是德国Synetics公司的一套开源的配置管理数据库(CMDB)软件。该软件包括IT基础设施管理、网络文档管理、IP地址管理和IT资产管理等功能。 i-doit before 1.16.0 存在跨站脚本漏洞,该漏洞允许攻击者远程身份验证通过C注入任意web脚本或HTML监控配置标题。
CVSS Information
N/A
Vulnerability Type
N/A