Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Ragic, Inc. Ragic - Reflected XSS
Vulnerability Description
Ragic report generation page has insufficient filtering for special characters. A remote attacker with general user privilege can inject JavaScript to perform XSS (Reflected Cross-Site Scripting) attack.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
Ragic 跨站脚本漏洞
Vulnerability Description
Ragic是中国立即科技(Ragic)公司的一个 No Code 企业电子化工具。 Ragic 2022/06/28之前版本存在跨站脚本漏洞,该漏洞源于报告生成页面对特殊字符的过滤不足,远程攻击者利用该漏洞可以注入 JavaScript 来执行 XSS。
CVSS Information
N/A
Vulnerability Type
N/A