Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Improper Neutralization of Special Elements in Output Used by a Downstream Component in omeka/omeka-s
Vulnerability Description
CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') in GitHub repository omeka/omeka-s prior to version 4.0.3.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:N
Vulnerability Type
输出中的特殊元素转义处理不恰当(注入)
Vulnerability Title
Omeka S 注入漏洞
Vulnerability Description
Omeka S是Omeka公司的一个开源的网络内容管理系统(CMS),专门用于创建和管理数字展览和在线数字档案馆。它是 Omeka 项目的新版本,与传统的 Omeka Classic 不同,Omeka S 强调多用户协作和实现更大规模的数字展览。 Omeka S 4.0.3之前版本存在注入漏洞,该漏洞源于Installation title参数存在HTML注入漏洞,单击该参数会导致开放重定向。
CVSS Information
N/A
Vulnerability Type
N/A