漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Reflected Cross-Site Scripting on Anon Proxy Server
Vulnerability Description
Reflected Cross-Site Scripting (XSS) vulnerability in Anon Proxy Server v0.104. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending him/her a malicious URL. This vulnerability can be exploited to steal sensitive user data, such as session cookies, or to perform actions on behalf of the user. It affects 'port' and 'proxyPort' parameters in '/anon.php' endpoint.
CVSS Information
N/A
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
niknah Anon Proxy Server 跨站脚本漏洞
Vulnerability Description
niknah Anon Proxy Server是niknah公司的一个提供匿名网络访问与流量转发能力的代理服务器软件。 Anon Proxy Server v0.104版本存在跨站脚本漏洞,该漏洞源于/anon.php端点的port和proxyPort参数未对用户输入进行有效过滤,攻击者可构造恶意URL注入JavaScript代码,在受害者浏览器中执行恶意脚本,进而窃取敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A