Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
There is a Cross Site Scripting attack (XSS) vulnerability in JavaQuarkBBS <= v2. By entering specific statements into the background tag management module, the attack statement will be stored in the database, and the next victim will be attacked when he accesses the tag module.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
JavaQuarkBbs 跨站脚本漏洞
Vulnerability Description
JavaQuarkBbs是中国的基于 Spring Boot 实现的一个简易的 Java 社区。 JavaQuarkBBS v2及其之前版本存在跨站脚本漏洞,该漏洞源于后台标签缺少有效的过滤和转义,通过在后台标签管理模块中输入特定的语句,攻击语句将被存储在数据库中,下一个受害者将在访问标签模块时受到攻击。
CVSS Information
N/A
Vulnerability Type
N/A