Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
A XStream Security Vulnerability in XML Deserialization in datavane/tis
Vulnerability Description
Unrestricted Upload of File with Dangerous Type, Deserialization of Untrusted Data vulnerability in datavane tis (tis-plugin/src/main/java/com/qlangtech/tis/extension/impl modules). This vulnerability is associated with program files XmlFile.Java. This issue affects tis: before v4.3.0.
CVSS Information
N/A
Vulnerability Type
危险类型文件的不加限制上传
Vulnerability Title
tis 安全漏洞
Vulnerability Description
tis是Datavane开源的一个敏捷代码开发平台。 tis v4.3.0之前版本存在安全漏洞,该漏洞源于程序文件XmlFile.Java存在不受限制的危险类型文件上传和不可信数据反序列化。
CVSS Information
N/A
Vulnerability Type
N/A