Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Webdetails cpf DependenciesPackage.java cross site scripting
Vulnerability Description
A vulnerability classified as problematic has been found in Webdetails cpf up to 9.5.0.0-80. Affected is an unknown function of the file core/src/main/java/pt/webdetails/cpf/packager/DependenciesPackage.java. The manipulation of the argument baseUrl leads to cross site scripting. It is possible to launch the attack remotely. Upgrading to version 9.5.0.0-81 is able to address this issue. The name of the patch is 3bff900d228e8cae3af256b447c5d15bdb03c174. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-216468.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
Vulnerability Type
对消息或数据结构的处理不恰当
Vulnerability Title
Community Plugin Framework 跨站脚本漏洞
Vulnerability Description
Community Plugin Framework是一个插件框架。 Community Plugin Framework 存在安全漏洞,该漏洞源于文件 core/src/main/java/pt/webdetails/cpf/packager/DependenciesPackage.java 的未知函数,对参数 baseUrl 的操纵会导致跨站脚本。
CVSS Information
N/A
Vulnerability Type
N/A