Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in Appalti & Contratti 9.12.2. The web applications are vulnerable to a Reflected Cross-Site Scripting issue. The idPagina parameter is reflected inside the server response without any HTML encoding, resulting in XSS when the victim moves the mouse pointer inside the page. As an example, the onmouseenter attribute is not sanitized.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Maggioli SpA Appalti & Contratti 跨站脚本漏洞
Vulnerability Description
Maggioli SpA Appalti & Contratti是Maggioli SpA公司的一个模块化平台。由多个集成的 web 应用程序组成,以支持意大利公共行政部门对其流程进行计算机化和远程信息管理。 Maggioli SpA Appalti & Contratti 9.12.2版本存在安全漏洞,该漏洞源于存在反射型跨站脚本,idPagina参数在没有任何HTML编码的情况下被反映在服务器响应中,当受害者在页面内移动鼠标指针时,会导致XSS。
CVSS Information
N/A
Vulnerability Type
N/A