Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cross-Site Scripting vulnerability in raptor-web 0.4.4
Vulnerability Description
raptor-web is a CMS for game server communities that can be used to host information and keep track of players. In version 0.4.4 of raptor-web, it is possible to craft a malicious URL that will result in a reflected cross-site scripting vulnerability. A user controlled URL parameter is loaded into an internal template that has autoescape disabled. This is a cross-site scripting vulnerability that affects all deployments of `raptor-web` on version `0.4.4`. Any victim who clicks on a malicious crafted link will be affected. This issue has been patched 0.4.4.1.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
Raptor-Web 跨站脚本漏洞
Vulnerability Description
Raptor-Web是用于游戏服务器社区的内容管理平台,可用于托管信息并跟踪玩家以及各种其他功能。 Raptor-Web 0.4.4版本存在跨站脚本漏洞。攻击者利用该漏洞通过制作恶意URL执行跨站脚本攻击。
CVSS Information
N/A
Vulnerability Type
N/A