漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
A stored cross-site scripting (XSS) vulnerability in CodeIgniter4 v4.6.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the debugbar_time parameter. NOTE: this is disputed by the Supplier because attackers cannot influence the value of debugbar_time, and because debugbar-related data is automatically escaped by the CodeIgniter Parser class.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
CodeIgniter 4 安全漏洞
Vulnerability Description
CodeIgniter 4是CodeIgniter开源的一个PHP全栈Web框架。 CodeIgniter 4 4.6.0版本存在安全漏洞,该漏洞源于debugbar_time参数清理不当,可能导致存储型跨站脚本。
CVSS Information
N/A
Vulnerability Type
N/A