Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A stored Cross-Site Scripting (XSS) vulnerability has been identified in SMSEagle software version < 6.0. The vulnerability arises because the application did not properly sanitize user input in the SMS messages in the inbox. This could allow an attacker to inject malicious JavaScript code into an SMS message, which gets executed when the SMS is viewed and specially interacted in web-GUI.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
SMSEagle 安全漏洞
Vulnerability Description
SMSEagle是SMSEagle公司的一款用于发送和接收 SMS 消息的专业硬件 SMS 网关软件。 SMSEagle 6.0版本存在安全漏洞,该漏洞源于应用程序未正确清理收件箱中SMS消息中的用户输入,导致存储型跨站脚本攻击,从而允许攻击者将恶意JavaScript代码注入SMS消息并执行。
CVSS Information
N/A
Vulnerability Type
N/A