Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A Reflected Cross-site scripting (XSS) issue was discovered in dotCMS Core through 22.06. This occurs in the admin portal when the configuration has XSS_PROTECTION_ENABLED=false. NOTE: the vendor disputes this because the current product behavior, in effect, has XSS_PROTECTION_ENABLED=true in all configurations
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
dotCMS 跨站脚本漏洞
Vulnerability Description
dotCMS是美国dotCMS公司的一套内容管理系统(CMS)。该系统支持RSS订阅、博客、论坛等模块,并具有易于扩展和构建的特点。effect是一款用于添加图像效果的软件包。 dotCMS 5.2及之后版本存在跨站脚本漏洞,该漏洞源于存在配置问题导致在管理门户中发生跨站脚本漏洞。
CVSS Information
N/A
Vulnerability Type
N/A