漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Stored Cross-Site Scripting (XSS) in the Multi-purpose Inventory Management System
Vulnerability Description
Cross-site Scripting (XSS) vulnerability stored in Multi-Purpose Inventory Management System, consisting of a stored XSS due to lack of proper validation of user input by sending a POST request using the product_name parameter in /Controller_Products/update. This vulnerability could allow a remote user to send a specially crafted query to an authenticated user and steal their cookie session details.
CVSS Information
N/A
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
Codester Multi-Purpose Inventory Management System 跨站脚本漏洞
Vulnerability Description
Codester Multi-Purpose Inventory Management System是Codester开源的一款多功能库存管理系统。 Codester Multi-Purpose Inventory Management System存在跨站脚本漏洞,该漏洞源于缺乏对用户输入的验证,可能导致存储型跨站脚本。
CVSS Information
N/A
Vulnerability Type
N/A