漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
HCL Aftermarket DPC is affected by Cross-Origin Resource Sharing vulnerability
Vulnerability Description
HCL Aftermarket DPC is affected by Cross-Origin Resource Sharing vulnerability. CORS misconfigurations includes the exposure of sensitive user information to attackers, unauthorized access to APIs, and possible data manipulation or leakage. If an attacker to exploit CORS misconfiguration, they could steal sensitive data, perform actions on behalf of a legitimate user.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N
Vulnerability Type
过度许可的跨域白名单
Vulnerability Title
HCL Aftermarket DPC 安全漏洞
Vulnerability Description
HCL Aftermarket DPC是印度HCL公司的一个数字化备件与售后服务管理平台。 HCL Aftermarket DPC存在安全漏洞,该漏洞源于跨域资源共享配置不当,可能导致敏感用户信息泄露、API未经授权访问以及数据篡改或泄露,攻击者可利用此配置不当窃取敏感数据或以合法用户身份执行操作。
CVSS Information
N/A
Vulnerability Type
N/A