Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cross-site Scripting in ControlByWeb Relays
Vulnerability Description
The affected ControlByWeb Relay products are vulnerable to a stored cross-site scripting vulnerability, which could allow an attacker to inject arbitrary scripts into the endpoint of a web interface that could run malicious javascript code during a user's session.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:L
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
Control By Web Relay 跨站脚本漏洞
Vulnerability Description
Control By Web Relay是Control By Web公司的一款网络控制继电器。 Control By Web Relay X-332和X-301存在安全漏洞,该漏洞源于容易受到存储型跨站脚本漏洞的影响,可能允许攻击者将任意脚本注入Web界面的端点,从而在用户会话期间运行恶意JavaScript代码。
CVSS Information
N/A
Vulnerability Type
N/A