Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting vulnerability in Trellix ePolicy Orchestrator prior to ePO 5.10 Service Pack 1 Update 3 allows a remote authenticated attacker to craft requests causing arbitrary content to be injected into the response when accessing the epolicy Orchestrator.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
Trellix ePolicy Orchestrator 跨站脚本漏洞
Vulnerability Description
Trellix ePolicy Orchestrator是美国火眼(Trellix)公司的一款集中的安全管理平台。 Trellix ePolicy Orchestrator 5.10 Service Pack 1 Update 3之前版本存在跨站脚本漏洞。攻击者利用该漏洞通过特制的请求在访问 ePolicy Orchestrator 时将任意内容注入响应中。
CVSS Information
N/A
Vulnerability Type
N/A