Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Improper neutralization of input during web page generation allows an unauthenticated attacker to submit malicious Javascript as the answer to a questionnaire which would then be executed when an authenticated user reviews the candidate's submission. This could be used to steal other users’ cookies and force users to make actions without their knowledge.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
OpenCats 跨站脚本漏洞
Vulnerability Description
OpenCats是一套开源的招聘流程管理系统。 OpenCats 0.9.6版本存在安全漏洞,该漏洞源于输入中和不当,攻击者利用该漏洞可以窃取其他用户的cookies。
CVSS Information
N/A
Vulnerability Type
N/A