Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Stored XSS Vulnerability in QualysGuard VM/PC
Vulnerability Description
A Qualys web application was found to have a stored XSS vulnerability resulting from the absence of HTML encoding in the presentation of logging information to users. This vulnerability allowed a user with login access to the application to introduce XSS payload via browser details.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
Qualys Web Application 跨站脚本漏洞
Vulnerability Description
Qualys Web Application是美国Qualys公司的一个 Web 应用程序。 Qualys Web Application 10.24.0.0之前版本存在跨站脚本漏洞,该漏洞源于向用户呈现日志信息时缺少 HTML 编码,允许具有应用程序登录访问权限的用户通过浏览器详细信息引入有效负载。
CVSS Information
N/A
Vulnerability Type
N/A