Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in UiPath App Studio 21.4.4. There is a persistent XSS vulnerability in the file-upload functionality for uploading icons when attempting to create new Apps. An attacker with minimal privileges in the application can build their own App and upload a malicious file containing an XSS payload, by uploading an arbitrary file and modifying the MIME type in a subsequent HTTP request. This then allows the file to be stored and retrieved from the server by other users in the same organization.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
UiPath App Studio 跨站脚本漏洞
Vulnerability Description
UiPath App Studio是美国UiPath公司的一个低代码应用程序开发平台。 UiPath App Studio 21.4.4 中存在安全漏洞,在应用程序中具有最低权限的攻击者可以通过上传任意文件并在后续 HTTP 请求中修改 MIME 类型来构建自己的应用程序并上传包含 XSS 负载的恶意文件。
CVSS Information
N/A
Vulnerability Type
N/A