Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
iziModal vulnerable to Cross-site Scripting
Vulnerability Description
iziModal is a modal plugin with jQuery. Versions prior to 1.6.1 are vulnerable to cross-site scripting (XSS) when handling untrusted modal titles. An attacker who is able to influence the field `title` when creating a `iziModal` instance is able to supply arbitrary `html` or `javascript` code that will be rendered in the context of a user, potentially leading to `XSS`. Version 1.6.1 contains a patch for this issue
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
iziModal 跨站脚本漏洞
Vulnerability Description
iziModal是优雅、响应迅速、灵活且轻量级的 jQuery 模式插件。 iziModal 1.6.1之前版本存在安全漏洞,该漏洞源于在处理不受信任的模式标题时容易受到跨站脚本(XSS)攻击, 攻击者利用该漏洞可以在用户上下文中执行任意HTML或Javascript代码。
CVSS Information
N/A
Vulnerability Type
N/A