Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
TerriaJS-Server has a domain validation bypass vulnerability in its proxy allowlist
Vulnerability Description
TerriaJS-Server is a NodeJS Express server for TerriaJS, a library for building web-based geospatial data explorers. A validation bug in versions prior to 4.0.3 allows an attacker to proxy domains not explicitly allowed in the `proxyableDomains` configuration. Version 4.0.3 fixes the issue.
CVSS Information
N/A
Vulnerability Type
输入验证不恰当
Vulnerability Title
terriajs-server 代码问题漏洞
Vulnerability Description
terriajs-server是Terria开源的一个NodeJS Express服务器。 terriajs-server 4.0.3之前版本存在代码问题漏洞,该漏洞源于验证错误,可能导致代理未经授权的域。
CVSS Information
N/A
Vulnerability Type
N/A