Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
DbGate SVG Icon String FontIcon.svelte cross site scripting
Vulnerability Description
A security vulnerability has been detected in DbGate up to 7.1.4. This affects an unknown function of the file packages/web/src/icons/FontIcon.svelte of the component SVG Icon String Handler. Such manipulation of the argument applicationIcon leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. Upgrading to version 7.1.5 mitigates this issue. It is advisable to upgrade the affected component.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
DbGate 代码注入漏洞
Vulnerability Description
DbGate是DbGate开源的一个数据库管理器。 DbGate 7.1.4及之前版本存在代码注入漏洞,该漏洞源于SVG Icon String Handler组件中文件packages/web/src/icons/FontIcon.svelte对参数applicationIcon的操作存在跨站脚本攻击。
CVSS Information
N/A
Vulnerability Type
N/A