漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in Veritas Enterprise Vault before 15.1 UPD882911, ZDI-CAN-24697. It allows an authenticated remote attacker to inject a parameter into an HTTP request, allowing for Cross-Site Scripting (XSS) while viewing archived content. This could reflect back to an authenticated user without sanitization if executed by that user.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Vulnerability Type
N/A
Vulnerability Title
Veritas Enterprise Vault 安全漏洞
Vulnerability Description
Veritas Enterprise Vault是Veritas公司的一个跨所有通信平台捕获、归档和发现信息的平台。 Veritas Enterprise Vault 15.1 UPD882911之前版本存在安全漏洞,该漏洞源于允许经过身份验证的远程攻击者将参数注入HTTP请求,从而允许在查看存档内容时进行跨站脚本(XSS)攻击。
CVSS Information
N/A
Vulnerability Type
N/A