漏洞标题
N/A
漏洞描述信息
在会议房间预订系统(MRBS)1.2.6中存在多个跨站点脚本(XSS)漏洞,允许远程攻击者通过区域参数向(1)day.php、(2)week.php、(3)month.php、(4)search.php、(5)report.php和(6)help.php注入任意的Web脚本或HTML。请注意:此信息的来源未知;详细信息仅从第三方信息获得。
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
Multiple cross-site scripting (XSS) vulnerabilities in Meeting Room Booking System (MRBS) 1.2.6 allow remote attackers to inject arbitrary web script or HTML via the area parameter to (1) day.php, (2) week.php, (3) month.php, (4) search.php, (5) report.php, and (6) help.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVSS信息
N/A
漏洞类别
N/A
漏洞标题
MRBS 多个跨站脚本攻击漏洞
漏洞描述信息
Meeting Room Booking System (MRBS)是一个基于web的会议室管理系统。 MRBS1.2.6版本存在多个跨站脚本攻击漏洞。远程攻击者可以利用day.php,week.php,month.php,search.php,report.php和help.php的area参数,注入任意的web脚本或HTML。
CVSS信息
N/A
漏洞类别
跨站脚本