Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Applications component of Nokia IMPACT version through 19.11.2.10-20210118042150283 allows an authenticated user to arbitrarily upload JavaScript files via the /ui/rest-proxy/application fileupload parameter. This can occur during the adding of a new application, or during the editing of an existing one. If an authenticated user visits the web page where the file is published, the JavaScript code is executed.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Nokia IMPACT 安全漏洞
Vulnerability Description
Nokia IMPACT是芬兰诺基亚(Nokia)公司的一套物联网智能管理平台。 Nokia IMPACT 19.11.2.10-20210118042150283及之前版本存在安全漏洞,该漏洞源于Applications组件允许通过fileupload参数上传JavaScript文件,可能导致执行任意Web脚本。
CVSS Information
N/A
Vulnerability Type
N/A