Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
UnoPim 0.1.3 and below is vulnerable to Cross Site Scripting (XSS) in the Create User function. This allows attackers to perform XSS via an SVG document, which can be used to steal cookies.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
UnoPim 安全漏洞
Vulnerability Description
UnoPim是UnoPim开源的一个基于 Laravel 框架的开源产品信息管理(PIM)系统。 UnoPim 0.1.3及之前版本存在安全漏洞,该漏洞源于创建用户功能存在跨站脚本(XSS)漏洞,允许攻击者在SVG文件扩展名中执行XSS,进而可窃取Cookie。
CVSS Information
N/A
Vulnerability Type
N/A