漏洞标题
在 Meldlekarten 生成器中的跨站脚本攻击(XSS)
漏洞描述信息
跨站脚本攻击(XSS)在meldekarten generator中
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
漏洞类别
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
漏洞标题
Cross site scripting (XSS) in meldekarten generator
漏洞描述信息
Meldekarten generator is an open source project to create a program, running locally in the browser without the need for an internet-connection, to create, store and print registration cards for volunteers. All text fields on the webpage are vulnerable to XSS attacks. The user input isn't (fully) sanitized after submission. This issue has been addressed in commit `77e04f4af` which is included in the `1.0.0b1.1.2` release. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVSS信息
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
漏洞类别
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
漏洞标题
Meldekarten Generator 跨站脚本漏洞
漏洞描述信息
Meldekarten Generator是jucktnich个人开发者的一个创建程序的项目。 Meldekarten generator 1.0.0b1.1.1及之前版本存在跨站脚本漏洞,该漏洞源于网页上的所有文本字段都容易受到 XSS 攻击,用户输入在提交后未完全清理。
CVSS信息
N/A
漏洞类别
跨站脚本