漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
CVE-2025-26514 Reflected Cross-Site Scripting Vulnerability in StorageGRID (formerly StorageGRID Webscale)
Vulnerability Description
StorageGRID (formerly StorageGRID Webscale) versions prior to 11.8.0.15 and 11.9.0.8 are susceptible to a Reflected Cross-Site Scripting vulnerability. Successful exploit could allow an attacker to view or modify configuration settings or add or modify user accounts but requires the attacker to know specific information about the target instance and then trick a privileged user into clicking a specially crafted link.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:L
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
NetApp StorageGRID 安全漏洞
Vulnerability Description
NetApp StorageGRID是美国网络器械(NetApp)公司的一套对象存储解决方案。 NetApp StorageGRID 11.8.0.15之前版本和11.9.0.8之前版本存在安全漏洞,该漏洞源于容易受到反射型跨站脚本攻击,可能导致查看或修改配置设置或用户账户。
CVSS Information
N/A
Vulnerability Type
N/A