Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in Veritas Enterprise Vault before 15.1 UPD882911, ZDI-CAN-24695. It allows an authenticated remote attacker to inject a parameter into an HTTP request, allowing for Cross-Site Scripting (XSS) while viewing archived content. This could reflect back to an authenticated user without sanitization if executed by that user.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Vulnerability Type
N/A
Vulnerability Title
Veritas Enterprise Vault 安全漏洞
Vulnerability Description
Veritas Enterprise Vault是Veritas公司的一个跨所有通信平台捕获、归档和发现信息的平台。 Veritas Enterprise Vault 15.1 UPD882911之前版本存在安全漏洞,该漏洞源于允许经过身份验证的远程攻击者将参数注入HTTP请求,从而允许在查看存档内容时进行跨站脚本(XSS)攻击。
CVSS Information
N/A
Vulnerability Type
N/A