漏洞标题
N/A
漏洞描述信息
Tufin SecureTrack < R20-2 GA 包含反射 + 存储的XSS(即,值被反射回用户,但也在数据库中存储,并且可以由相同的受害者或不同的用户在未来触发)。存储和反射的 payload 都可以由管理员触发,所以恶意的未验证用户可能获得管理员权限。即使是恶意的低特权用户也可以注入XSS,这可以被管理员执行, potentially Elevating privileges 并获得管理员权限。(第3个问题)
CVSS信息
CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
Tufin SecureTrack < R20-2 GA contains reflected + stored XSS (as in, the value is reflected back to the user, but is also stored within the DB and can be later triggered again by the same victim, or also later by different users). Both stored, and reflected payloads are triggerable by admin, so malicious non-authenticated user could get admin level access. Even malicious low-privileged user can inject XSS, which can be executed by admin, potentially elevating privileges and obtaining admin access. (issue 3 of 3)
CVSS信息
N/A
漏洞类别
N/A
漏洞标题
Tufin SecureTrack R20-2 GA 跨站脚本漏洞
漏洞描述信息
USA Tufin SecureTrack是Tufin美国(USA)公司的一套防火墙策略管理平台。 Tufin SecureTrack R20-2 GA中存在跨站脚本漏洞,该漏洞源于WEB应用缺少对客户端数据的正确验证。攻击者可利用该漏洞执行客户端代码。
CVSS信息
N/A
漏洞类别
跨站脚本