Multiple cross-site scripting (XSS) vulnerabilities in browse.php in OWL 0.7 and 0.8 allow remote attackers to inject arbitrary web script or HTML via the (1) expand or (2) order parameter.

"在OWL 0.7和0.8中的浏览.php中存在多个跨站脚本(XSS)漏洞，允许远程攻击者通过(1)扩展或(2)排序参数来 inject任意的网页脚本或HTML。"

NVD 暂无评分

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

NVD 暂无漏洞类别信息

神龙GPT 暂无漏洞类别信息（请耐心等待）