|Category:||Web application abuses|
|Title:||Logitech Media Server DOM Based XSS Vulnerability|
|Summary:||This host is running Logitech Media Server; and is prone to a dom based cross site scripting vulnerability.|
This host is running Logitech Media Server
and is prone to a dom based cross site scripting vulnerability.
The flaw exists due to an insufficient
validation of user supplied input via url.
Successful exploitation will allow remote
users to execute arbitrary script code in the browser of an unsuspecting user
in the context of the affected site. This may allow the attacker to steal
cookie-based authentication credentials and launch other attacks.
Impact Level: Application
Logitech Media Server versions 7.7.3,
7.7.5, 7.9.1, 7.7.2, 7.7.1, 7.7.6 and 7.9.0
No solution or patch is available as of
25th October, 2017. Information regarding this issue will be updated once
solution details are available. For updates refer to https://www.logitech.com.
Common Vulnerability Exposure (CVE) ID: CVE-2017-15687|
|Copyright||Copyright (C) 2017 Greenbone Networks GmbH|
|This is only one of 58768 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.