Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
HTML Injection Leading to Data Exfiltration to External Server vulnerability affects HCL Unica Platform
Vulnerability Description
HTML Injection can be carried out in Product when a web application does not properly check or clean user input before showing it on a webpage. Because of this, an attacker may insert unwanted HTML code into the page. When the browser loads the page, it may automatically interact with external resources included in that HTML, which can cause unexpected requests from the user’s browser.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
HCL Unica Platform 安全漏洞
Vulnerability Description
HCL Unica Platform是印度HCL公司的一个先进的企业自动化营销平台。无需人工操作即可处理日常营销任务并捕获最有效的潜在客户。 HCL Unica Platform存在安全漏洞,该漏洞源于未正确检查或清理用户输入,可能导致HTML注入攻击,造成用户浏览器与外部资源进行意外交互。
CVSS Information
N/A
Vulnerability Type
N/A