Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Ctrlpanel has stored XSS vulnerability in TicketsController priority field
Vulnerability Description
CtrlPanel is open-source billing software for hosting providers. Prior to version 1.0, a Cross-Site Scripting (XSS) vulnerability exists in the `TicketsController` and `Moderation/TicketsController` due to insufficient input validation on the `priority` field during ticket creation and unsafe rendering of this field in the moderator panel. Version 1.0 contains a patch for the issue.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
CtrlPanel-gg 跨站脚本漏洞
Vulnerability Description
CtrlPanel-gg是CtrlPanel-gg开源的一个易于使用且免费的计费解决方案。 CtrlPanel-gg 1.0之前版本存在跨站脚本漏洞,该漏洞源于在创建工单期间对优先级字段的输入验证不足以及在主持人面板中不安全地呈现此字段,导致跨站脚本(XSS)漏洞。
CVSS Information
N/A
Vulnerability Type
N/A