Title:Incognito Service Activation Center 安全漏洞 (CVE-2024-42834) Description:Incognito Service Activation Center(Incognito SAC)是Incognito公司的一种云原生解决方案,可通过任何访问技术自动提供基于意图的 IP 服务,并简化后端流程以降低运营支出。 Incognito Service Activation Center 14.11版本存在安全漏洞,该漏洞源于创建客户API中存在存储型跨站脚本漏洞,攻击者可以通过向lastName参数注入精心设计的有效载荷来执行任意Web脚本或超文本标记语言。
1. It is advised to access via the original source first.2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.