Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in Stormshield Network Security (SNS) 3.7.0 through 3.7.41, 3.10.0 through 3.11.29, 4.0 through 4.3.24, and 4.4.0 through 4.7.4. A user who has access to the SNS with write access on the email alerts page has the ability to create alert email containing malicious JavaScript, executed by the template preview. The following versions fix this: 3.7.42, 3.11.30, 4.3.25, and 4.7.5.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Stormshield Network Security 安全漏洞
Vulnerability Description
Stormshield Network Security(SNS)是法国Stormshield公司的一款下一代UTM(统一威胁管理)防火墙。 Stormshield Network Security(SNS)存在安全漏洞,该漏洞源于在电子邮件提醒页面上具有写入访问权限的用户能够在模板预览中运行恶意代码。受影响版本如下:3.7.0至3.7.41版本、3.10.0至3.11.29版本、4.0至4.3.24版本和4.4.0至4.7.4版本。
CVSS Information
N/A
Vulnerability Type
N/A