Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A vulnerability has been identified in SINEMA Server V14 (All versions). The affected application improperly sanitizes certain SNMP configuration data retrieved from monitored devices. An attacker with access to a monitored device could perform a stored cross-site scripting (XSS) attack that may lead to arbitrary code execution with `SYSTEM` privileges on the application server. (ZDI-CAN-19823)
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
Siemens SINEMA Server 跨站脚本漏洞
Vulnerability Description
Siemens SINEMA Server是德国西门子(Siemens)公司的一款专门为工业应用开发的软件。它使您能够完全可视化和监视网络。 Siemens SINEMA Server V14 存在跨站脚本漏洞,该漏洞源于受影响的应用程序不正确地清理从受监控设备检索的某些 SNMP 配置数据。
CVSS Information
N/A
Vulnerability Type
N/A