漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
A file upload functionality in Piranha CMS 11.1 allows authenticated remote attackers to upload a crafted PDF file to /manager/media. This PDF can contain malicious JavaScript code, which is executed when a victim user opens or interacts with the PDF in their web browser, leading to a XSS vulnerability.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Piranha CMS 安全漏洞
Vulnerability Description
Piranha CMS是Piranha CMS开源的一个用作 .Net5 的友好的以编辑器为中心的 CMS。 Piranha CMS 11.1版本存在安全漏洞,该漏洞源于允许经过身份验证的远程攻击者上传精心制作的PDF文件到/manager/media,从而导致跨站脚本漏洞攻击。
CVSS Information
N/A
Vulnerability Type
N/A