Lucene search
China National Vulnerability DatabaseCNVD-2022-77956HistoryMay 07, 2022 - 12:00 a.m.
Cyclos 4 PRO Cross-Site Scripting Vulnerability (CNVD-2022-77956)
2022-05-0700:00:00
China National Vulnerability Database
www.cnvd.org.cn
7
cyclos 4 pro
web server
cross-site scripting
vulnerability
user input
error notification
javascript code
remote attacker
unauthenticated
EPSS
0.003
Percentile
70.7%
Cyclos 4 PRO is a web server. a cross-site scripting vulnerability exists in Cyclos 4 PRO version 4.14.7 and earlier, which stems from a failure to validate user input during error notification. A remote, unauthenticated attacker could execute javascript code via undefine enumeration constants.
Related
prion
prion
Input validation
2022-05-02 00:15:00
cvelist
cvelist
CVE-2021-31674
2022-05-01 23:06:02
cve
cve
CVE-2021-31674
2022-05-02 00:15:08
zdt
zdt
Cyclos 4.14.7 - DOM Based Cross-Site Scripting Vulnerability
2022-05-12 00:00:00
nvd
nvd
CVE-2021-31674
2022-05-02 00:15:08
exploitdb
exploitdb
Cyclos 4.14.7 - DOM Based Cross-Site Scripting (XSS)
2022-05-11 00:00:00
packetstorm
packetstorm
Cyclos 4.14.7 Cross Site Scripting
2022-05-11 00:00:00