Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
yaffa v2.0.0 is vulnerable to Cross Site Scripting (XSS). An attacker can inject malicious JavaScript into the "Add Account Group" function on the account-group page, allowing execution of arbitrary script in the context of users who view the affected page.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Yet Another Free Financial Application 安全漏洞
Vulnerability Description
Yet Another Free Financial Application是kantorge个人开发者的一个个人财务管理与规划的自托管Web应用。 Yet Another Free Financial Application 2.0.0版本存在安全漏洞,该漏洞源于account-group页面的Add Account Group功能存在跨站脚本,可能导致在查看受影响页面的用户环境中执行任意脚本。
CVSS Information
N/A
Vulnerability Type
N/A