Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in the Archibus app 4.0.3 for iOS. There is an XSS vulnerability in the create work request feature of the maintenance module, via the description field. This allows an attacker to perform an action on behalf of the user, exfiltrate data, and so on.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ARCHIBUS 跨站脚本漏洞
Vulnerability Description
ARCHIBUS是ARCHIBUS公司的一个专注于帮助组织有效地管理其房地产、设施和基础设施,以提高效率、降低成本并支持战略规划的软件平台。 ARCHIBUS 4.0.3(iOS)版本存在跨站脚本漏洞,该漏洞源于 maintenance 模块中的 create work request 功能中的 description字段存在跨站脚本漏洞,允许攻击者代替用户执行操作、窃取数据等。
CVSS Information
N/A
Vulnerability Type
N/A