Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Sipwise C5 NGCP WWW Admin version 3.6.7 up to and including platform version NGCP CE 3.0 has multiple authenticated stored and reflected XSS vulnerabilities when input passed via several parameters to several scripts is not properly sanitized before being returned to the user: Stored XSS in callforward/time/set/save (POST tsetname); Reflected XSS in addressbook (GET filter); Stored XSS in addressbook/save (POST firstname, lastname, company); and Reflected XSS in statistics/versions (GET lang).
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Sipwise C5 NGCP CSC 跨站脚本漏洞
Vulnerability Description
Sipwise C5 NGCP CSC是奥地利Sipwise公司的一个应用系统。一个统一通信解决方案的核心系统。 Sipwise C5 NGCP CS CE_m39.3.1版本及之前版本存在跨站脚本漏洞,该漏洞源于输入通过几个参数传递到几个脚本没有被正确地检查。
CVSS Information
N/A
Vulnerability Type
N/A