|
Family: CGI abuses : XSS --> Category: attack
WebcamXP Chat Cross-Site Scripting Vulnerability Vulnerability Scan
Vulnerability Scan Summary Checks for cross-site scripting vulnerability in WebcamXP Chat
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote web server is affected by a cross-site scripting
vulnerability.
Description :
The remote host is running a version of webcamXP, a webcam software
package and integrated web server for Windows, that suffers from an
HTML injection flaw in its chat feature. A possible hacker can exploit this
flaw by injecting malicious HTML and script code through the nickname
field to redirect chat users to arbitrary sites, steal authentication
cookies, and the like.
See also :
http://archives.neohapsis.com/archives/fulldisclosure/2005-04/0393.html
Solution :
Upgrade to webcamXP version 2.16.478 or later.
Threat Level:
Low / CVSS Base Score : 2
(AV:R/AC:H/Au:NR/C:P/A:N/I:N/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|