|
|
Family: Misc. --> Category: infos
ICECast XSS Vulnerability Scan
Vulnerability Scan Summary
check icecast version
Detailed Explanation for this Vulnerability Test
The remote server runs a version of ICECast which is as old as or older
than version 1.3.12.
This version is affected by a cross-site scripting vulnerability
in the status display functionality. This issue is due to a failure
of the application to properly sanitize user-supplied input.
As a result of this vulnerability, it is possible for a remote attacker
to create a malicious link containing script code that will be executed
in the browser of an unsuspecting user when followed.
This may facilitate the theft of cookie-based authentication credentials
as well as other attacks.
Solution : Upgrade to a newer version.
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|
