Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Improper Neutralization of Input During Web Page Generation in WPN-XM Serverstack
Vulnerability Description
A Cross-Site Scripting vulnerability has been detected in WPN-XM Serverstack affecting version 0.8.6. This vulnerability could allow a remote attacker to send a specially crafted JavaScript payload through the /tools/webinterface/index.php parameter and retrieve the cookie session details of an authenticated user, resulting in a session hijacking.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
WPN-XM Serverstack 跨站脚本漏洞
Vulnerability Description
WPN-XM Serverstack是WPN-XM组织的一个用于在 Windows 上开发 PHP 的服务器堆栈。 WPN-XM Serverstack 0.8.6版本存在跨站脚本漏洞,该漏洞源于存在跨站脚本漏洞,可能允许远程攻击者发送特制的JavaScript载荷,导致会话劫持。
CVSS Information
N/A
Vulnerability Type
N/A