Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
07FLYCMS/07FLY-CMS/07FlyCRM System Settings Page cross site scripting
Vulnerability Description
A vulnerability was found in 07FLYCMS, 07FLY-CMS and 07FlyCRM 1.3.8. It has been rated as problematic. Affected by this issue is some unknown functionality of the component System Settings Page. The manipulation of the argument Login Interface Copyright leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The affected product is known with different names like 07FLYCMS, 07FLY-CMS, and 07FlyCRM. It was not possible to reach out to the vendor before assigning a CVE due to a not working mail address.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
07FLY CRM 跨站脚本漏洞
Vulnerability Description
07FLY CRM是中国零起飞(07FLY)公司的一个 OA 办公系统。 07FLY CRM 1.3.8版本存在跨站脚本漏洞,该漏洞源于组件System Settings Page的参数Logi会导致跨站脚本。
CVSS Information
N/A
Vulnerability Type
N/A