Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Missing XSS guards on firmware page
Vulnerability Description
Cross-site Scripting (XSS) vulnerability in firmware section of Secomea GateManager allows logged in user to inject javascript in browser session. This issue affects: Secomea GateManager Version 9.6.621421014 and all prior versions.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
GateManager跨站脚本漏洞
Vulnerability Description
Secomea GateManager是丹麦Secomea公司的一款远程访问服务器产品。 Secomea GateManager 中存在安全漏洞,该漏洞允许登录用户在浏览器会话中注入 javascript。
CVSS Information
N/A
Vulnerability Type
N/A