漏洞描述 BIBLIOsoft BIBLIOpac2008通过bin/wxis.exe/BIBLIOpac/的db或action参数包含一个跨站点脚本漏洞,该漏洞允许远程攻击者注入任意web脚本或HTML。
相关漏洞推荐 POC CVE-2018-16139: BIBLIOsoft BIBLIOpac 2008 - Cross-Site Scripting POC CVE-2020-16139: Cisco Unified IP Conference Station 7937G - Denial-of-Service