Ragic 跨站脚本漏洞

Ragic is a No Code enterprise e-enablement tool from China Immediate Technology Ragic. A cross-site scripting vulnerability exists in versions of Ragic prior to 2022/06/28, which stems from insufficient filtering of special characters on the report generation page and can be exploited by a remote...

PT-2022-25501 · Ragic · Ragic

Name of the Vulnerable Software and Affected Versions: Ragic affected versions not specified Description: The issue concerns insufficient filtering for special characters on the report generation page, allowing a remote attacker with general user privileges to inject JavaScript and perform a...