Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
VestaCP < 0.9.8-25 - Stored Cross-Site Scripting
Vulnerability Description
VestaCP versions prior to 0.9.8-25 contain a cross-site scripting vulnerability in the IP interface configuration that allows attackers to inject malicious scripts. Attackers can exploit the 'v_interface' parameter by sending a crafted POST request to the add/ip/ endpoint with a stored XSS payload.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
Vesta Control Panel(VestaCP) 跨站脚本漏洞
Vulnerability Description
Vesta Control Panel(VestaCP)是Vesta Control Panel公司的一个开源的虚拟主机控制面板。 Vesta Control Panel(VestaCP) 0.9.8-25之前版本存在跨站脚本漏洞,该漏洞源于IP接口配置存在跨站脚本,可能导致攻击者注入恶意脚本。
CVSS Information
N/A
Vulnerability Type
N/A