Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cross Site Scripting (XSS) in ssr-pages
Vulnerability Description
ssr-pages is an HTML page builder for the purpose of server-side rendering (SSR). In versions prior to 0.1.5, a cross site scripting (XSS) issue can occur when providing untrusted input to the `redirect.link` property as an argument to the `build(MessagePageOptions)` function. While there is no known workaround at this time, there is a patch in version 0.1.5.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
SSR-pages 跨站脚本漏洞
Vulnerability Description
Ssr Pages Builder是一个用于 Ssr(服务器端渲染)的 Html 页面构建器。 SSR-pages存在跨站脚本漏洞,该漏洞源于当向重定向提供不受信任的输入时,可能会出现跨站点脚本编写(XSS)问题。link 属性作为build(MessagePageOptions) 函数的参数。
CVSS Information
N/A
Vulnerability Type
N/A