Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Reflected Cross-Site Scripting in PDF Export Error Message
Vulnerability Description
A reflected cross-site scripting (XSS) vulnerability in the PDF export functionality of the TYDAC AG MAP+ solution allows unauthenticated attackers to craft a malicious URL, that if visited by a victim, will execute arbitrary JavaScript in the victim's context. Such a URL could be delivered through various means, for instance, by sending a link or by tricking victims to visit a page crafted by the attacker. This issue was verified in MAP+: 3.4.0.
CVSS Information
N/A
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
TYDAC AG MAP+ 安全漏洞
Vulnerability Description
TYDAC AG MAP+是瑞士TYDAC公司的一个地理信息系统平台。 TYDAC AG MAP+ 3.4.0版本存在安全漏洞,该漏洞源于PDF导出功能存在反射型跨站脚本,可能导致未经验证的攻击者通过特制恶意链接,在受害者环境中执行任意JavaScript。
CVSS Information
N/A
Vulnerability Type
N/A