Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Improper Error Handling Vulnerability in Wave 2.0
Vulnerability Description
This vulnerability exists in the Wave 2.0 due to improper exception handling for invalid inputs at certain API endpoint. An authenticated remote attacker could exploit this vulnerability by providing invalid inputs for “userId” parameter in the API request leading to generation of error message containing sensitive information on the targeted system.
CVSS Information
N/A
Vulnerability Type
通过错误消息导致的信息暴露
Vulnerability Title
Brokerage Wave 安全漏洞
Vulnerability Description
Brokerage Wave是Brokerage公司的一个前台产品。 Brokerage Wave 2.0版本存在安全漏洞,该漏洞源于API端点对无效输入的异常处理不当,从而攻击者可通过在API请求中为userId参数提供无效输入来生成包含目标系统敏感信息的错误消息。
CVSS Information
N/A
Vulnerability Type
N/A