| 제목 | Seeyon Zhiyuan OA Web Application System V8.1 SP2 Cross Site Scripting |
|---|
| 설명 | 1.Vulnerability Name : Seeyon Zhiyuan OA Web Application System V8.1 SP2 has an XSS vulnerability
2.Vulnerability level : Medium
3.Bug submitter and contributor: 蔡超雄(caichaoxiong)
4.Affected product version : V8.1 SP2
5.Vulnerability location : ssoproxy.jsp
6.Vulnerability Description:
The ssoproxy.jsp product function of Seeyon Zhiyuan OA Web Application System V8.1 SP2 does not perform security checks and filtering on the name parameter. Attackers can carefully design and control the parameter, resulting in a reflected XSS vulnerability. Other attack methods can be configured to conduct deep penetration attacks and control the target server. |
|---|
| 원천 | ⚠️ https://wx.mail.qq.com/s?k=g1PB2UUAekANSMkHzr |
|---|
| 사용자 | caichaoxiong (UID 84060) |
|---|
| 제출 | 2025. 04. 15. AM 08:05 (1 년도 ago) |
|---|
| 모더레이션 | 2025. 04. 26. AM 10:24 (11 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 306336 [Seeyon Zhiyuan OA Web Application System 8.1 SP2 ssoproxy.jsp 이름 크로스 사이트 스크립팅] |
|---|
| 포인트들 | 17 |
|---|