Siemens Polarion 跨站脚本漏洞

Siemens Polarion is a software suite for application lifecycle management developed by the German company Siemens. This software supports end-to-end enterprise-level application development within a unified, modular, and browser-based software environment. Previous versions of Siemens Polarion,...

Informatica: [marketplace.informatica.com] Persistent XSS through document title

Document titles are not properly escaped before being printed on https://marketplace.informatica.com/docs/ . By including a payload in a document title, an attacker can create a document with a persistent XSS vector which executes for anyone viewing the document page. Proof of concept === The...