Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
webTareas version 2.4 and earlier allows an authenticated user to inject arbitrary web script or HTML due to incorrect sanitization of user-supplied data and achieve a Reflected Cross-Site Scripting attack against the platform users and administrators. The issue affects every endpoint on the application because it is related on how each URL is echoed back on every response page.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
webTareas 跨站脚本漏洞
Vulnerability Description
webTareas是一款基于Web的开源协作工具。该产品支持项目管理、错误跟踪、内容管理和会议管理等功能。 webTareas 存在安全漏洞,该漏洞源于webTareas 2.4及更早版本中,用户提供的数据进行了不正确的卫生处理。攻击者可利用该漏洞允许通过身份验证的用户注入任意web脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A