Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Consul Vulnerable To Reflected XSS On Content-Type Error Manipulation
Vulnerability Description
A vulnerability was identified in Consul and Consul Enterprise such that the server response did not explicitly set a Content-Type HTTP header, allowing user-provided inputs to be misinterpreted and lead to reflected XSS.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
HashiCorp Consul 安全漏洞
Vulnerability Description
HashiCorp Consul是美国HashiCorp公司的一套分布式、高可用数据中心感知解决方案。该产品用于跨动态分布式基础架构连接和配置应用程序。 HashiCorp Consul存在安全漏洞,该漏洞源于服务器响应未明确设置 Content-Type HTTP 标头,导致用户提供的输入被误解并导致跨站脚本攻击。
CVSS Information
N/A
Vulnerability Type
N/A