Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
AzeoTech DAQFactory
Vulnerability Description
This vulnerability could allow an attacker to send malicious Javascript code resulting in hijacking of the user’s cookie/session tokens, redirecting the user to a malicious webpage, and performing unintended browser action.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
Advantech WebAccess HMI Designer 跨站脚本漏洞
Vulnerability Description
Advantech WebAccess HMI Designer是中国台湾研华(Advantech)公司的一款人机界面集成开发工具。该产品具备数据传输、菜单编辑和文本编辑等功能。 Advantech WebAccess HMI Designer 2.1.11.0之前版本存在跨站脚本漏洞,该漏洞源于软件对于用户提交的参数缺少有效的过滤与转义。该漏洞允许攻击者发送恶意Javascript代码,从而劫持用户的cookie会话令牌,将用户重定向到恶意网页,并执行意外的浏览器操作。
CVSS Information
N/A
Vulnerability Type
N/A