Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A stored cross-site scripting (XSS) vulnerability in CodeIgniter4 v4.6.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the debugbar_time parameter. NOTE: this is disputed by the Supplier because attackers cannot influence the value of debugbar_time, and because debugbar-related data is automatically escaped by the CodeIgniter Parser class.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
CodeIgniter 4 安全漏洞
Vulnerability Description
CodeIgniter 4是CodeIgniter开源的一个PHP全栈Web框架。 CodeIgniter 4 4.6.0版本存在安全漏洞,该漏洞源于debugbar_time参数清理不当,可能导致存储型跨站脚本。
CVSS Information
N/A
Vulnerability Type
N/A