Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Stored XSS due to no sanitization in the filename in causefx/organizr
Vulnerability Description
Stored XSS due to no sanitization in the filename in GitHub repository causefx/organizr prior to 2.1.1810. This allows attackers to execute malicious scripts in the user's browser and it can lead to session hijacking, sensitive data exposure, and worse.
CVSS Information
N/A
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
Organizr 跨站脚本漏洞
Vulnerability Description
Organizr是一个选项卡管理系统。旨在成为服务器前端的一站式商店。 Organizr 2.1.1810 版本之前存在跨站脚本漏洞,该漏洞源于文件名没有经过清理。攻击者可以在用户的浏览器中执行恶意脚本,并可能导致会话劫持、敏感数据暴露。
CVSS Information
N/A
Vulnerability Type
N/A