Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An XSS issue was discovered in COINS Construction Cloud 11.12. Due to insufficient neutralization of user input in the description of a task, it is possible to store malicious JavaScript code in the task description. This is later executed when it is reflected back to the user.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
COINS Construction Cloud 跨站脚本漏洞
Vulnerability Description
COINS Construction Cloud是COINS公司的一套端到端的云和移动软件解决方案。旨在帮助建筑主管推动整个业务的利润率提高。 COINS Construction Cloud 11.12版本存在跨站脚本漏洞,该漏洞源于任务描述中用户输入的无效化。攻击者可以在任务描述中利用该漏洞执行恶意JavaScript代码。
CVSS Information
N/A
Vulnerability Type
N/A