Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Eximbills Enterprise 4.1.5 (Built on 2020-10-30) is vulnerable to authenticated stored cross-site scripting (CWE-79) via the /EximBillWeb/servlets/WSTrxManager endpoint. Unsanitized user input in the TMPL_INFO parameter is stored server-side and rendered to other users, enabling arbitrary JavaScript execution in their browsers.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
China Systems Eximbills Enterprise 安全漏洞
Vulnerability Description
China Systems Eximbills Enterprise是中国China Systems公司的一个贸易金融系统。 China Systems Eximbills Enterprise 4.1.5版本存在安全漏洞,该漏洞源于对TMPL_INFO参数未清理用户输入,可能导致存储型跨站脚本攻击。
CVSS Information
N/A
Vulnerability Type
N/A