Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A reflected cross-site scripted (XSS) vulnerability in the /jsp/gsfr_feditorHTML.jsp endpoint of Zucchetti ZMaintenance Infinity and Infinity Zucchetti v4.1 and earlier allows attackers to execute arbitrary Javascript in the context of a user's browser via injecting a crafted payload into the pHtmlSource parameter. A vendor fix was released on 2025-06-18.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Zucchetti ZMaintenance Infinity 安全漏洞
Vulnerability Description
Zucchetti ZMaintenance Infinity是意大利ZMaintenance公司的一个企业资产管理与维护软件。 Zucchetti ZMaintenance Infinity v4.1及之前版本存在安全漏洞,该漏洞源于pHtmlSource参数未经验证输入,可能导致反射型跨站脚本攻击。
CVSS Information
N/A
Vulnerability Type
N/A