漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Apache JSPWiki: XSS Injection points in several plugins
Vulnerability Description
A carefully crafted request on several JSPWiki plugins could trigger an XSS vulnerability on Apache JSPWiki, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim. Apache JSPWiki users should upgrade to 2.12.0 or later.
CVSS Information
N/A
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
Apache JSPWiki 跨站脚本漏洞
Vulnerability Description
Apache JSPWiki是美国阿帕奇(Apache)基金会的一款基于Java、Servlet和JSP构建的开源WikiWiki引擎。 Apache JSPWiki 2.12.0之前版本存在跨站脚本漏洞。攻击者利用该漏洞在受害者的浏览器中执行javascript并获取有关受害者的敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A