Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
TCMAN GIM Cross-Site Scripting (XSS)
Vulnerability Description
The m_txtNom y m_txtCognoms parameters in TCMAN GIM v8.01 allow an attacker to perform persistent XSS attacks. This vulnerability could be used to carry out a number of browser-based attacks including browser hijacking or theft of sensitive data.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
Tcman Gim 跨站脚本漏洞
Vulnerability Description
Tcman Gim是西班牙Tcman公司的一个专为在移动设备上使用而设计的设施管理软件。 TCMAN GIM v8.01 版本存在跨站脚本漏洞,该漏洞源于软件中的m_txtNom y m_txtCognoms参数缺少有效的过滤和转义,这个漏洞可以被用来进行一些基于浏览器的攻击,包括浏览器劫持或窃取敏感数据。
CVSS Information
N/A
Vulnerability Type
N/A