2 matches found
CVE-2025-46545
In Sherpa Orchestrator 141851, the functionality for adding or updating licenses allows for stored XSS attacks by an administrator through the name parameter. The XSS payload can execute when the license expires...
Sherpa Orchestrator 跨站脚本漏洞
Sherpa Orchestrator is an IT management software from Sherpa for automating IT processes and workflow management. A security vulnerability exists in Sherpa Orchestrator version 141851, which stems from the Add or Update License feature may lead to a stored cross-site scripting attack via the name...