漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
A cross-site request forgery (CSRF) vulnerability exists in Streama up to and including v1.10.3. The application does not have CSRF checks in place when performing actions such as uploading local files. As a result, attackers could make a logged-in administrator upload arbitrary local files via a CSRF attack and send them to the attacker.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Streama 跨站请求伪造漏洞
Vulnerability Description
Streama是一个自托管流媒体服务器。 Streama 中存在跨站请求伪造漏洞,该漏洞源于产品在上传本地文件时没有进行合理的检查。攻击者可通过该漏洞像服务端上传任意文件。Streama v1.10.3 版本及之前版本。
CVSS Information
N/A
Vulnerability Type
N/A