Vulnerability Scanning Solutions, LLC.
Home
Our Process
Residential
Corporate
What We Scan For
Sample Report
Client List
Terms
Contact Us
What We Scan For
Family: CGI abuses : XSS --> Category: infos

InMail/InShop XSS Vulnerability Scan


Vulnerability Scan Summary
Checks XSS in InMail and InShop

Detailed Explanation for this Vulnerability Test

The remote host is using InMail/InShop, a web applications written in Perl.

An implementation error in the validation of the user input specifically in
the script 'inmail.pl' in its 'acao' uri-argument and 'inshop.pl' in its
'screen' uri argument lead to an XSS vulnerability allowing a user to create
cross site attacks, also allowing theft of cookie-based authentication
credentials.

Solution : None at this time
Threat Level: Medium

Click HERE for more information and discussions on this network vulnerability scan.

VSS, LLC.

P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.