漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
FreeScout Has Insufficient Protection Against CRLF-injection
Vulnerability Description
FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.178, the application performs insufficient validation of user-supplied data, which is used as arguments to string formatting functions. As a result, an attacker can pass a string containing special symbols (\r, \n, \t)to the application. This issue has been patched in version 1.8.178.
CVSS Information
N/A
Vulnerability Type
使用外部控制的格式字符串
Vulnerability Title
FreeScout 注入漏洞
Vulnerability Description
FreeScout是FreeScout公司的一个使用 PHP(Laravel 框架)构建的超轻量级且功能强大的免费开源帮助台和共享收件箱。 FreeScout 1.8.178之前版本存在注入漏洞,该漏洞源于对用户提供数据的验证不足,可能导致字符串格式化问题。
CVSS Information
N/A
Vulnerability Type
N/A