Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Stored XSS in CemiPark
Vulnerability Description
The access control in CemiPark software does not properly validate user-entered data, which allows the stored cross-site scripting (XSS) attack. The parameters used to enter data into the system do not have appropriate validation, which makes possible to smuggle in HTML/JavaScript code. This code will be executed in the user's browser space.This issue affects CemiPark software: 4.5, 4.7, 5.03 and potentially others. The vendor refused to provide the specific range of affected products.
CVSS Information
N/A
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
CemiPark 跨站脚本漏洞
Vulnerability Description
CemiPark是CemiPark公司的一款应用程序。 CemiPark存在跨站脚本漏洞,该漏洞源于无法正确验证用户输入的数据,从而允许存储型跨站脚本(XSS)攻击。
CVSS Information
N/A
Vulnerability Type
N/A