Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Unvalidated paragraph widget values can be used for Cross-site Scripting in lara-zeus
Vulnerability Description
Lara-zeus Dynamic Dashboard simple way to manage widgets for your website landing page, and filament dashboard and Lara-zeus artemis is a collection of themes for the lara-zeus ecosystem. If values passed to a paragraph widget are not valid and contain a specific set of characters, applications are vulnerable to XSS attack against a user who opens a page on which a paragraph widget is rendered. Users are advised to upgrade to the appropriate fix versions detailed in the advisory metadata. There are no known workarounds for this vulnerability.
CVSS Information
N/A
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
Dynamic Dashboard 跨站脚本漏洞
Vulnerability Description
Dynamic Dashboard是Lara Zeus开源的一个仪表盘。 Dynamic Dashboard存在跨站脚本漏洞。攻击者利用该漏洞执行跨站脚本攻击。
CVSS Information
N/A
Vulnerability Type
N/A