Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cross site scripting (XSS) in meldekarten generator
Vulnerability Description
Meldekarten generator is an open source project to create a program, running locally in the browser without the need for an internet-connection, to create, store and print registration cards for volunteers. All text fields on the webpage are vulnerable to XSS attacks. The user input isn't (fully) sanitized after submission. This issue has been addressed in commit `77e04f4af` which is included in the `1.0.0b1.1.2` release. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
Meldekarten Generator 跨站脚本漏洞
Vulnerability Description
Meldekarten Generator是jucktnich个人开发者的一个创建程序的项目。 Meldekarten generator 1.0.0b1.1.1及之前版本存在跨站脚本漏洞,该漏洞源于网页上的所有文本字段都容易受到 XSS 攻击,用户输入在提交后未完全清理。
CVSS Information
N/A
Vulnerability Type
N/A