Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Slink v1.4.9 allows stored cross-site scripting (XSS) via crafted SVG uploads. When a user views the shared image in a new browser tab, the embedded JavaScript executes. The issue affects both authenticated and unauthenticated users.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Slink 安全漏洞
Vulnerability Description
Slink是Andrii Kryvoviaz个人开发者的一个自托管图像共享服务。 Slink v1.4.9版本存在安全漏洞,该漏洞源于特制SVG上传容易受到存储型跨站脚本攻击。
CVSS Information
N/A
Vulnerability Type
N/A