CVE-2018-1000841— Zend.To 跨站脚本漏洞

N/A

Zend.To version Prior to 5.15-1 contains a Cross Site Scripting (XSS) vulnerability in The verify.php page that can result in An attacker could execute arbitrary Javascript code in the context of the victim's browser.. This attack appear to be exploitable via HTTP POST request. This vulnerability appears to have been fixed in 5.16-1 Beta.

N/A

N/A

Zend.To 跨站脚本漏洞

Zend.To是一套基于Web的用于传输大型文件的系统。 Zend.To 5.15-1之前版本中的verify.php页面存在跨站脚本漏洞。远程攻击者可通过发送HTTP POST请求利用该漏洞在用户浏览器的上下文中执行任意的JavaScript代码。

N/A

N/A