漏洞描述
思科统一运作管理器(CUOM)8.6之前的版本的通用服务设备中心下CSCOnm/servlet/com.cisco.nm.help.ServerHelpEngine中存在跨站脚本(XSS)漏洞,该漏洞允许远程攻击者通过参数注入任意Web脚本或HTML。
Cisco Common Services Devices Center 跨站脚本漏洞
PoC代码
暂无相关漏洞推荐
- 天锐绿盾审批系统 /ws/taskCommon/endCallback 代码执行漏洞
- Cisco Any Router and Switch 默认口令漏洞
- 金蝶云星空 /Kingdee.BOS.WebApi.ServicesStub.AuthService.ValidateLoginInfo.common.kdsvc 命令执行漏洞
- 金和OA AjaxForCenterBudgetDecompose.ashx SQL注入漏洞
- POC CVE-2024-31223: Fides Privacy Center ≤ 2.39.1 - Server-Side URL Disclosure
- 全程云 /OA/api/2.0/Common/AttachFile/UploadEditorFile 文件上传漏洞
- POC CVE-2024-20404: Cisco Finesse - Server-Side Request Forgery (SSRF)
- (CVE-2025-13791)Scada-LTS Project Import组件Common.getHomeDir文件路径遍历漏洞
- POC CVE-2025-61757: Oracle Identity Manager REST WebServices - Authentication Bypass
- 璐华HRM /ajaxpro/RuvarHRM.Web.Common.get_account_by_tree.RuvarHRM.Web.Common.ashx SQL 注入漏洞
- POC Ruvar HRM RuvarHRM.Web.Common.ashx SQL注入漏洞
- Atlassian Jira Software Data Center And Server 需授权 路径遍历漏洞
- (CVE-2025-61757)Oracle Identity Manager REST WebServices远程接管漏洞