漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Multiple Unauthenticated Stored Cross-Site Scripting
Vulnerability Description
In the "bestinformed Web" application, some user input was not properly sanitized. This leads to multiple unauthenticated stored cross-site scripting vulnerabilities. An unauthenticated attacker is able to compromise the sessions of users on the server by injecting JavaScript code into their session using an "Unauthenticated Stored Cross-Site Scripting". The attacker is then able to ride the session of those users and can abuse their privileges on the "bestinformed Web" application.
CVSS Information
N/A
Vulnerability Type
输入验证不恰当
Vulnerability Title
Cordaware bestinformed 安全漏洞
Vulnerability Description
Cordaware bestinformed是德国Cordaware公司的一套群发通知系统。 Cordaware bestinformed存在安全漏洞,该漏洞源于输入清理不当,容易受到存储型跨站脚本攻击。
CVSS Information
N/A
Vulnerability Type
N/A