漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Reflected Cross-Site Scripting on Anon Proxy Server
Vulnerability Description
Reflected Cross-Site Scripting (XSS) vulnerability in Anon Proxy Server v0.104. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending him/her a malicious URL. This vulnerability can be exploited to steal sensitive user data, such as session cookies, or to perform actions on behalf of the user. It affects 'host' parameter in '/diagdns.php' endpoint.
CVSS Information
N/A
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
niknah Anon Proxy Server 跨站脚本漏洞
Vulnerability Description
niknah Anon Proxy Server是niknah公司的一个提供匿名网络访问与流量转发能力的代理服务器软件。 niknah Anon Proxy Server v0.104版本存在跨站脚本漏洞,该漏洞源于/diagdns.php端点的host参数未对用户输入进行有效过滤,攻击者可构造恶意URL注入JavaScript代码,在受害者浏览器中执行恶意脚本,进而窃取敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A