Test ID:	1.3.6.1.4.1.25623.1.0.16057
Category:	Web application abuses
Title:	PsychoStats Login Parameter Cross-Site Scripting
Summary:	PsychoStats is a statistics generator for games. Currently there is support; for a handful of Half-Life 'MODs' including Counter-Strike, Day of Defeat, and Natural Selection.;; There is a bug in this software which makes it vulnerable to HTML and JavaScript injection. An attacker; may use this flaw to use the remote server to set up attacks against third-party users.
Description:	Summary: PsychoStats is a statistics generator for games. Currently there is support for a handful of Half-Life 'MODs' including Counter-Strike, Day of Defeat, and Natural Selection. There is a bug in this software which makes it vulnerable to HTML and JavaScript injection. An attacker may use this flaw to use the remote server to set up attacks against third-party users. Solution: Upgrade to the newest version of this software. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2004-1417 BugTraq ID: 12089 http://www.securityfocus.com/bid/12089 Bugtraq: 20041223 Cross Site Scripting In PsychoStats 2.2.4 Beta && Earlier (Google Search) http://marc.info/?l=bugtraq&m=110383119525592&w=2 http://www.gulftech.org/?node=research&article_id=00057-12222004 http://www.psychostats.com/forums/viewtopic.php?t=11022 http://secunia.com/advisories/13619/ XForce ISS Database: psychostats-login-xss(18651) https://exchange.xforce.ibmcloud.com/vulnerabilities/18651
Copyright	Copyright (C) 2004 Noam Rathaus

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.