Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Sysaid – Sysaid Local File Inclusion (LFI)
Vulnerability Description
Sysaid – Sysaid Local File Inclusion (LFI) – An unauthenticated attacker can access to the system by accessing to "/lib/tinymce/examples/index.html" path. in the "Insert/Edit Embedded Media" window Choose Type : iFrame and File/URL : [here is the LFI] Solution: Update to 22.2.20 cloud version, or to 22.1.64 on premise version.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L
Vulnerability Type
N/A
Vulnerability Title
Sysaid Technologies SysAid 路径遍历漏洞
Vulnerability Description
Sysaid Technologies SysAid是以色列Sysaid Technologies公司的一套IT服务管理解决方案。 Sysaid Technologies SysAid 存在安全漏洞,该漏洞源于应用存在的文件包含问题。未经身份验证的攻击者可以通过访问 /lib/tinymce/examples/index.html 路径来利用该漏洞访问系统。
CVSS Information
N/A
Vulnerability Type
N/A