漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Input validation issue in AWS Amplify Studio UI component properties
Vulnerability Description
The AWS Amplify Studio UI component property expressions in the aws-amplify/amplify-codegen-ui package lack input validation. This could potentially allow an authenticated user who has access to create or modify components to run arbitrary JavaScript code during the component rendering and build process.
CVSS Information
N/A
Vulnerability Type
动态执行代码中指令转义处理不恰当(Eval注入)
Vulnerability Title
Amplify Codegen UI 安全漏洞
Vulnerability Description
Amplify Codegen UI是AWS Amplify开源的一个生成用于AWS Amplify项目的React组件。 Amplify Codegen UI存在安全漏洞,该漏洞源于AWS Amplify Studio UI组件属性表达式缺少输入验证,可能导致执行任意JavaScript代码。
CVSS Information
N/A
Vulnerability Type
N/A