Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Zenario CMS 9.0.54156 is vulnerable to Cross Site Scripting (XSS) via upload file to *.SVG. An attacker can send malicious files to victims and steals victim's cookie leads to account takeover. The person viewing the image of a contact can be victim of XSS.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Zenario CMS 跨站脚本漏洞
Vulnerability Description
Zenario CMS是Zenario开源的一个应用软件。提供一个基于Web的内容管理系统。 Zenario CMS 9.0.54156版本 存在安全漏洞,该漏洞源于Zenario CMS 9.0.54156版本 将文件上传到 *.SVG 容易受到跨站脚本的攻击。攻击者可以向受害者发送恶意文件并窃取受害者的 cookie 导致帐户接管。
CVSS Information
N/A
Vulnerability Type
N/A