Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Reflected Cross-Site Scripting in Dashboard Search
Vulnerability Description
A reflected cross-site scripting (XSS) vulnerability in the dashboard search functionality of the VertiGIS FM solution allows attackers to craft a malicious URL, that if visited by an authenticated victim, will execute arbitrary JavaScript in the victim's context. Such a URL could be delivered through various means, for instance, by sending a link or by tricking victims to visit a page crafted by the attacker.
CVSS Information
N/A
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
VertiGIS FM 安全漏洞
Vulnerability Description
VertiGIS FM是VertiGIS公司的一款结合地理信息的设施与资产管理平台。 VertiGIS FM存在安全漏洞,该漏洞源于仪表板搜索功能存在反射型跨站脚本,可能导致攻击者制作恶意URL,若经过身份验证的受害者访问,将在受害者环境中执行任意JavaScript。
CVSS Information
N/A
Vulnerability Type
N/A