SolarWinds Serv-U Client-Side Cross-Site Scripting Vulnerability

SolarWinds Serv-U is vulnerable to a client-side cross-site scripting (XSS) vulnerability. The vulnerability can only be performed by an authenticated account, on the local machine, from the local browser session. Therefore the risk is very low.

CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N

在Web页面生成时对输入的转义处理不恰当(跨站脚本)

SolarWinds Serv-U 跨站脚本漏洞

SolarWinds Serv-U是美国SolarWinds公司的一款 FTP（文件传输协议）服务器软件。 SolarWinds Serv-U存在跨站脚本漏洞，该漏洞源于客户端跨站脚本漏洞，可能导致本地攻击。

N/A

N/A