2 matches found
Cherry Studio 操作系统命令注入漏洞
Cherry Studio is a multi-model AI assistant from China Thousand Comets Cherry Studio. An operating system command injection vulnerability exists in Cherry Studio version 1.5.1, which stems from a streamableHttp MCP server connection that does not properly clean up the URL, which could lead to...
SolarWinds Observability Self-Hosted 跨站脚本漏洞
SolarWinds Observability Self-Hosted is an observation platform from SolarWinds, Inc. A cross-site scripting vulnerability exists in SolarWinds Observability Self-Hosted that stems from insufficient URL field cleanup and could lead to a cross-site scripting attack...