Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
HCL BigFix Web Reports authorized users may perform HTML injection.
Vulnerability Description
BigFix Web Reports authorized users may perform HTML injection for the email administrative configuration page.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
HCL Technologies HCL BigFix Platform 跨站脚本漏洞
Vulnerability Description
HCL Technologies HCL BigFix Platform是印度HCL Technologies公司的一套端点安全管理平台。该平台支持自动发现、管理和修复端点安全问题。 HCL Technologies HCL BigFix Platform 9.5至9.5.19版本、10至10.0.6版本存在安全漏洞,该漏洞源于BigFix Web Reports的授权用户可以对电子邮件管理配置页面进行HTML注入。
CVSS Information
N/A
Vulnerability Type
N/A