Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Stored Cross-Site Scripting (XSS) in Kubysoft
Vulnerability Description
Stored Cross-Site Scripting (XSS) vulnerability in Kubysoft, where uploaded SVG images are not properly sanitized. This allows attackers to embed malicious scripts within SVG files as visual content, which are then stored on the server and executed in the context of any user accessing the compromised resource.
CVSS Information
N/A
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
Kubysoft 跨站脚本漏洞
Vulnerability Description
Kubysoft是西班牙Kubysoft公司的一个IT资产管理软件。 Kubysoft存在跨站脚本漏洞,该漏洞源于上传的SVG图像清理不当,可能导致攻击者嵌入恶意脚本,并在任何访问受感染资源的用户环境中执行。
CVSS Information
N/A
Vulnerability Type
N/A