Test Kennung:	1.3.6.1.4.1.25623.1.0.802270
Kategorie:	Web Servers
Titel:	Embedthis GoAhead 2.18 Multiple Stored XSS Vulnerabilities - Active Check
Zusammenfassung:	Embedthis GoAhead is prone to multiple stored cross-site; scripting (XSS) vulnerabilities.
Beschreibung:	Summary: Embedthis GoAhead is prone to multiple stored cross-site scripting (XSS) vulnerabilities. Vulnerability Insight: Multiple flaws are due to improper validation of user-supplied input via the 'group' parameter to goform/AddGroup, related to addgroup.asp, the 'url' parameter to goform/AddAccessLimit, related to addlimit.asp, or the 'user' or 'group' parameter to goform/AddUser, related to adduser.asp Vulnerability Impact: Successful exploitation will allow remote attackers to insert arbitrary HTML and script code, which will be executed in a user's browser session in the context of an affected site. Affected Software/OS: Embedthis GoAhead version 2.18 is known to be affected. Other versions might be affected as well. Solution: Update to version 2.5 or later. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2011-4273 CERT/CC vulnerability note: VU#384427 http://www.kb.cert.org/vuls/id/384427 http://secunia.com/advisories/46894 XForce ISS Database: goahead-multiple-xss(70434) https://exchange.xforce.ibmcloud.com/vulnerabilities/70434
Copyright	Copyright (C) 2011 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.