Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
facileManager Affected by Reflected Cross-Site Scripting (XSS)
Vulnerability Description
facileManager is a modular suite of web apps built with the sysadmin in mind. Prior to 6.0.4 , a reflected XSS occurs when an application receives data from an untrusted source and uses it in its HTTP responses in a way that could lead to vulnerabilities. It is possible to inject malicious JavaScript code into a URL by adding a script in a parameter. This vulnerability was found in the fmDNS module. The parameter that is vulnerable to an XSS attack is log_search_query. This vulnerability is fixed in 6.0.4.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
facileManager 跨站脚本漏洞
Vulnerability Description
facileManager是facileManager公司的一套模块化的 Web 应用程序。 facileManager 6.0.4之前版本存在跨站脚本漏洞,该漏洞源于fmDNS模块中log_search_query参数处理不当,可能导致反射型跨站脚本攻击。
CVSS Information
N/A
Vulnerability Type
N/A