Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Stored Cross-Site Scripting (XSS) vulnerability in the Wakyma application web
Vulnerability Description
Stored Cross-Site Scripting (XSS) vulnerability in the Wakyma web application, specifically in the endpoint 'vets.wakyma.com/configuracion/agenda/modelo-formulario-evento'. A user with permission to create personalized accounts could exploit this vulnerability simply by creating a malicious survey that would harm the entire veterinary team. At the same time, a user with low privileges could exploit this vulnerability to access unauthorized data and perform actions with elevated privileges.
CVSS Information
N/A
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
Wakyma 跨站脚本漏洞
Vulnerability Description
Wakyma是西班牙Wakyma公司的一个宠物管理应用。 Wakyma存在跨站脚本漏洞,该漏洞源于端点vets.wakyma.com/configuracion/agenda/modelo-formulario-evento存在存储型跨站脚本,可能导致具有创建个性化账户权限的用户创建恶意调查,危害整个兽医团队,或低权限用户访问未授权数据并执行高权限操作。
CVSS Information
N/A
Vulnerability Type
N/A