Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A cross-site scripting vulnerability in Trellix Central Management (CM) prior to 9.1.3.97129 allows a remote authenticated attacker to craft CM dashboard internal requests causing arbitrary content to be injected into the response when accessing the CM dashboard.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
Trellix Central Management 跨站脚本漏洞
Vulnerability Description
Trellix Central Management是美国Trellix公司的一个中央管理系统。将 Trellix 产品的管理、报告和数据共享整合到一个易于部署的系统中。 Trellix Central Management 9.1.3.97129之前版本存在跨站脚本漏洞,该漏洞源于存在跨站脚本漏洞,允许经过身份验证的远程攻击者将任意内容注入到响应中。
CVSS Information
N/A
Vulnerability Type
N/A