Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Client-Side Desync Vulnerability
Vulnerability Description
This vulnerability occurs when a web server fails to correctly process the Content-Length of POST requests. This can lead to HTTP request smuggling or XSS.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Vulnerability Type
HTTP请求的解释不一致性(HTTP请求私运)
Vulnerability Title
SolarWinds Security Event Manager 环境问题漏洞
Vulnerability Description
SolarWinds Security Event Manager(SolarWinds SEM)是美国SolarWinds公司的一个安全事件管理器。用于取证和故障排除,以及帮助您管理日志数据的工具。 SolarWinds Security Event Manager 存在安全漏洞。攻击者利用该漏洞执行跨站脚本攻击。
CVSS Information
N/A
Vulnerability Type
N/A