漏洞关键信息 漏洞ID JVN#87662835 漏洞概述 Hands-on Vulnerability Learning Tool "AppGoat" for Web Application contains a DNS rebinding vulnerability. 受影响产品 Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3.0.1 and earlier 描述 AppGoat provided by INFORMATION-TECHNOLOGY PROMOTION AGENCY, JAPAN (IPA) 是一个实用的漏洞学习工具,其中包含一个 DNS rebinding 漏洞。 影响 If a user accesses a malicious web page, arbitrary code may be executed. 解决方案 更新软件到最新版本 厂商状态 漏洞分析 CVSS v3: Base Score: 6.3 CVSS v2: Base Score: 6.8 致谢 Shoji Baba 报告了此漏洞给 IPA。