Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A Cross-Site Scripting (XSS) attack can cause arbitrary code (javascript) to run in a user’s browser while the browser is connected to a trusted website. As the vehicle for the attack, the application targets the users and not the application itself. Additionally, the XSS payload is executed when the user attempts to access any page of the CRM.
CVSS Information
N/A
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
X2Engine X2CRM 跨站脚本漏洞
Vulnerability Description
X2Engine X2CRM是美国X2Engine公司的一个应用程序。一个面向中小企业的下一代开源社交销售应用程序。 X2Engine X2CRM 存在安全漏洞,该漏洞源于当浏览器连接到信任的网站时,跨站点脚本(XSS)攻击可能导致任意代码(javascript)在用户的浏览器中运行。此外,当用户尝试访问 CRM 的任何页面时,都会执行跨站点脚本攻击。
CVSS Information
N/A
Vulnerability Type
N/A