Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Workerman-ThinkPHP-Redis (last update Mar 16, 2018) is affected by a Cross Site Scripting (XSS) vulnerability. In file Controller.class.php, the exit function will terminate the script and print the message to the user. The message will contain $_GET{C('VAR_JSONP_HANDLER')] then there is a XSS vulnerability.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Workerman-ThinkPHP-Redis 跨站脚本漏洞
Vulnerability Description
Workerman-ThinkPHP-Redis是一个开源项目,由Workerman框架、ThinkPHP框架和Redis构成。 Workerman-ThinkPHP-Redis 存在跨站脚本漏洞,该漏洞源于在文件 Controller.class.php 中,退出函数将终止脚本并将消息打印给用户。 该消息将包含 $_GET{C(VAR_JSONP_HANDLER)] 则存在 XSS 漏洞。
CVSS Information
N/A
Vulnerability Type
N/A