Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
WEPA Print Away is vulnerable to a stored XSS. It does not properly sanitize uploaded filenames, allowing an attacker to deceive a user into uploading a document with a malicious filename, which will be included in subsequent HTTP responses, allowing a stored XSS to occur. This attack is persistent across victim sessions.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
WEPA Print Away 跨站脚本漏洞
Vulnerability Description
WEPA Print Away是威斯康星大学密尔沃基分校(University of Wisconsin-Milwaukee)组织的一种基于云的打印管理解决方案。 WEPA Print Away存在安全漏洞,该漏洞源于没有正确地清理上传的文件名。攻击者利用该漏洞执行跨站脚本攻击。
CVSS Information
N/A
Vulnerability Type
N/A