Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Multiple Unauthenticated Stored Cross-Site Scripting
Vulnerability Description
In the "bestinformed Web" application, some user input was not properly sanitized. This leads to multiple unauthenticated stored cross-site scripting vulnerabilities. An unauthenticated attacker is able to compromise the sessions of users on the server by injecting JavaScript code into their session using an "Unauthenticated Stored Cross-Site Scripting". The attacker is then able to ride the session of those users and can abuse their privileges on the "bestinformed Web" application.
CVSS Information
N/A
Vulnerability Type
输入验证不恰当
Vulnerability Title
Cordaware bestinformed 安全漏洞
Vulnerability Description
Cordaware bestinformed是德国Cordaware公司的一套群发通知系统。 Cordaware bestinformed存在安全漏洞,该漏洞源于输入清理不当,容易受到存储型跨站脚本攻击。
CVSS Information
N/A
Vulnerability Type
N/A