Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Agiloft improper neutralization in EUI template engine
Vulnerability Description
Agiloft Release 28 does not properly neutralize special elements used in an EUI template engine, allowing an authenticated attacker to achieve remote code execution by loading a specially crafted payload. Users should upgrade to Agiloft Release 31.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L
Vulnerability Type
CWE-1336
Vulnerability Title
Agiloft 安全漏洞
Vulnerability Description
Agiloft是美国Agiloft公司的一个合同管理平台。 Agiloft Release 28存在安全漏洞,该漏洞源于EUI模板引擎中特殊元素处理不当,可能导致远程代码执行。
CVSS Information
N/A
Vulnerability Type
N/A