Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A stored cross-site scripting vulnerability exists in the WebUserActions.aspx functionality of Lansweeper lansweeper 9.1.20.2. A specially-crafted HTTP request can lead to arbitrary Javascript code injection. An attacker can send an HTTP request to trigger this vulnerability.
CVSS Information
N/A
Vulnerability Type
Web页面中脚本相关HTML标签转义处理不恰当(基本跨站脚本)
Vulnerability Title
Lansweeper 跨站脚本漏洞
Vulnerability Description
Lansweeper是比利时Lansweeper公司的一套IT资产管理系统。该系统包括IT资产发现、网络设置扫描等功能。 Lansweeper 存在跨站脚本漏洞,该漏洞源于在WebUserActions中对用户提供的数据没有充分的清理。攻击者可利用该漏洞在脆弱网站的背景下,在用户的浏览器中注入并执行任意HTML和脚本代码。
CVSS Information
N/A
Vulnerability Type
N/A