Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A stored cross-site scripting (XSS) vulnerability in the Create Customer API in Incognito Service Activation Center (SAC) UI v14.11 allows authenticated attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the lastName parameter.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Incognito Service Activation Center 安全漏洞
Vulnerability Description
Incognito Service Activation Center(Incognito SAC)是Incognito公司的一种云原生解决方案,可通过任何访问技术自动提供基于意图的 IP 服务,并简化后端流程以降低运营支出。 Incognito Service Activation Center 14.11版本存在安全漏洞,该漏洞源于创建客户API中存在存储型跨站脚本漏洞,攻击者可以通过向lastName参数注入精心设计的有效载荷来执行任意Web脚本或超文本标记语言。
CVSS Information
N/A
Vulnerability Type
N/A