漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
XikeStor SKS8310-8X Stored XSS via System Name
Vulnerability Description
XikeStor SKS8310-8X Network Switch firmware versions 1.04.B07 and prior contain a stored cross-site scripting vulnerability that allows authenticated attackers to inject arbitrary script content through the System Name field. Attackers can inject malicious scripts that execute in a victim's browser when the stored value is viewed due to improper output encoding.
CVSS Information
N/A
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
XikeStor SKS8310-8X 跨站脚本漏洞
Vulnerability Description
XikeStor SKS8310-8X是中国兮克(XikeStor)公司的一个以太网交换机。 XikeStor SKS8310-8X 1.04.B07及之前版本存在跨站脚本漏洞,该漏洞源于System Name字段存在存储型跨站脚本漏洞,可能导致恶意脚本执行。
CVSS Information
N/A
Vulnerability Type
N/A