Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Deluge Web-UI is vulnerable to XSS through a crafted torrent file. The the data from torrent files is not properly sanitised as it's interpreted directly as HTML. Someone who supplies the user with a malicious torrent file can execute arbitrary Javascript code in the context of the user's browser session.
CVSS Information
N/A
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
Deluge Web-UI 跨站脚本漏洞
Vulnerability Description
Deluge Web-UI是使用 ExtJS 框架构建的全功能界面。 Deluge Web-UI存在安全漏洞,该漏洞源于其未对torrent文件的数据进行正确地消毒而被直接解析为HTML,允许向用户提供恶意torrent文件的人可以在用户的浏览器会话上下文中执行任意Javascript代码。
CVSS Information
N/A
Vulnerability Type
N/A