漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Multiple vulnerabilities in Energy CRM by Status Tracker
Vulnerability Description
Stored Cross-Site Scripting (XSS) vulnerability in Energy CRM v2025 by Status Tracker Ltd, consisting of a stored XSS due to lack of proper validation of user input by sending a POST request to “/crm/create_job_submit.php”, using the “JobCreatedBy” parameter. This vulnerability could allow a remote user to send a specially crafted query to an authenticated user and steal their cookie session details.
CVSS Information
N/A
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
ViDay 信息泄露漏洞
Vulnerability Description
ViDay是西班牙ViDay公司的一个业务管理平台。 ViDay存在信息泄露漏洞,该漏洞源于HTTP请求中JWT包含敏感用户信息,可能导致信息泄露。
CVSS Information
N/A
Vulnerability Type
N/A