Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
diskover-web v2.3.0 Community Edition is vulnerable to multiple reflected cross-site scripting (XSS) flaws in its web interface. Unsanitized GET parameters including maxage, maxindex, index, path, q (query), and doctype are directly echoed into the HTML response, allowing attackers to inject and execute arbitrary JavaScript when a victim visits a maliciously crafted URL.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Diskover-web 安全漏洞
Vulnerability Description
Diskover-web是美国Diskover公司的一款文件系统索引工具。 Diskover-web v2.3.0版本存在安全漏洞,该漏洞源于多个GET参数清理不当,可能导致反射型跨站脚本攻击。
CVSS Information
N/A
Vulnerability Type
N/A