Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Stored XSS in "Name", "Group Name" & "Title" in polonel/trudesk
Vulnerability Description
Stored XSS in "Name", "Group Name" & "Title" in GitHub repository polonel/trudesk prior to v1.2.0. This allows attackers to execute malicious scripts in the user's browser and it can lead to session hijacking, sensitive data exposure, and worse.
CVSS Information
N/A
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
Trudesk 跨站脚本漏洞
Vulnerability Description
Chris Brame Trudesk是美国Chris Brame公司的一个开源帮助台/票务解决方案。 GitHub repository polonel/trudesk 1.2.0之前版本存在跨站脚本漏洞,该漏洞源于将跨站脚本存储在GitHub repository polonel/trudesk中的“Name”、“Group Name”和“Title”中。攻击者利用该漏洞在用户浏览器中执行恶意脚本,导致会话劫持、敏感数据泄露等。
CVSS Information
N/A
Vulnerability Type
N/A