Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
XSS in urls
Vulnerability Description
Improper neutralization of HTML-encoded characters in the URL validation function in Checkmk <2.5.0p5, <2.4.0p31, <2.3.0p48, and all 2.2.0 versions allows an authenticated user to bypass URL validation and inject malicious URLs such as javascript: URIs, resulting in cross-site scripting when another user interacts with the crafted link.
CVSS Information
N/A
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
Checkmk 跨站脚本漏洞
Vulnerability Description
Checkmk是Checkmk公司的一个 IT 监控平台。 Checkmk 2.5.0p5之前版本、2.4.0p31之前版本、2.3.0p48之前版本和所有2.2.0版本存在跨站脚本漏洞,该漏洞源于URL验证函数中HTML编码字符的中和不当,允许经过身份验证的用户绕过URL验证并注入恶意URL如javascript: URI,导致其他用户与特制链接交互时发生跨站脚本攻击。
CVSS Information
N/A
Vulnerability Type
N/A