漏洞标题
N/A
漏洞描述信息
Atos Unify OpenScape UC Application V9 Before Version V9 R4.31.0 和 V10 Before Version V10 R0.6.0 允许XSS。攻击者可以通过说服受信任的用户在Profile Name字段中注入任意JavaScript代码来利用此漏洞。浏览器将执行存储的XSS响应体。
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
Atos Unify OpenScape UC Application V9 before version V9 R4.31.0 and V10 before version V10 R0.6.0 allows XSS. An attacker could exploit this by convincing an authenticated user to inject arbitrary JavaScript code in the Profile Name field. A browser would execute this stored XSS payload.
CVSS信息
N/A
漏洞类别
N/A
漏洞标题
Atos Unify OpenScape UC Web Client 跨站脚本漏洞
漏洞描述信息
Atos Unify OpenScape UC Web Client 1.0版本中存在跨站脚本漏洞。该漏洞源于WEB应用缺少对客户端数据的正确验证。攻击者可利用该漏洞执行客户端代码。
CVSS信息
N/A
漏洞类别
跨站脚本