Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
XSS in Proget MDM
Vulnerability Description
Input provided in a field containing "activationMessage" in Konsola Proget is not sanitized correctly, allowing a high-privileged user to perform a Stored Cross-Site Scripting attack. This issue has been fixed in 2.17.5 version of Konsola Proget (server part of the MDM suite).
CVSS Information
N/A
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
Inedo ProGet 安全漏洞
Vulnerability Description
Inedo ProGet是Inedo公司的一个包管理系统。 Inedo ProGet 2.17.5之前版本存在安全漏洞,该漏洞源于activationMessage字段输入清理不当,可能导致高权限用户执行存储型跨站脚本攻击。
CVSS Information
N/A
Vulnerability Type
N/A