Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cross-site Scripting (XSS) - Stored in kiwitcms/kiwi
Vulnerability Description
A stored XSS in a kiwi Test Plan can run malicious javascript which could be chained with an HTML injection to perform a UI redressing attack (clickjacking) and an HTML injection which disables the use of the history page.
CVSS Information
N/A
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
Kiwi TCMS 跨站脚本漏洞
Vulnerability Description
Kiwi TCMS是Kiwi TCMS开源的一个用于手动和自动测试的领先开源测试管理系统。 Kiwi TCMS 存在安全漏洞,该漏洞源于不能正确清理,攻击者利用该漏洞可以执行存储型 XSS 和 HTML 注入攻击。
CVSS Information
N/A
Vulnerability Type
N/A