Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A CSV injection vulnerability in Automation Anywhere Automation 360 version 21094 allows attackers to execute arbitrary code via a crafted payload. NOTE: Automation Anywhere disputes this report, arguing the attacker executes everything from the client side and does not attack the Control Room. The payload is being injected in the http Response from the client-side, so the owner of the Response and payload is the end user in this case. They contend that the server's security controls have no impact or role to play in this situation and therefore this is not a valid vulnerability.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Automation Anywhere Automation 360 安全漏洞
Vulnerability Description
Automation Anywhere Automation 360是美国Automation Anywhere公司的一个云原生端到端智能自动化平台。 Automation Anywhere Automation 360 21094版本存在安全漏洞,该漏洞源于包含一个CSV注入漏洞,允许攻击者通过特制的有效载荷执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A