Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Minecraft MOTD Parser's HtmlGenerator vulnerable to XSS
Vulnerability Description
Minecraft MOTD Parser is a PHP library to parse minecraft server motd. The HtmlGenerator class is subject to potential cross-site scripting (XSS) attack through a parsed malformed Minecraft server MOTD. The HtmlGenerator iterates through objects of MotdItem that are contained in an object of MotdItemCollection to generate a HTML string. An attacker can make malicious inputs to the color and text properties of MotdItem to inject own HTML into a web page during web page generation. For example by sending a malicious MOTD from a Minecraft server under their control that was queried and passed to the HtmlGenerator. This XSS vulnerability exists because the values of these properties are neither filtered nor escaped. This vulnerability is fixed in 1.0.6.
CVSS Information
N/A
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
Minecraft MOTD Parser 安全漏洞
Vulnerability Description
Minecraft MOTD Parser是个人开发者(jgniecki)的一个用于解析Minecraft服务器的PHP库。 Minecraft MOTD Parser 1.0.5及之前版本存在安全漏洞,该漏洞源于HtmlGenerator类通过解析格式错误的Minecraft服务器MOTD,容易受到跨站脚本(XSS)攻击。
CVSS Information
N/A
Vulnerability Type
N/A