|Category:||Web application abuses|
|Title:||Logitech Media Server DOM Based XSS Vulnerability|
|Summary:||This host is running Logitech Media Server; and is prone to a dom based cross site scripting vulnerability.|
This host is running Logitech Media Server
and is prone to a dom based cross site scripting vulnerability.
The flaw exists due to an insufficient
validation of user supplied input via url.
Successful exploitation will allow remote
users to execute arbitrary script code in the browser of an unsuspecting user
in the context of the affected site. This may allow the attacker to steal
cookie-based authentication credentials and launch other attacks.
Impact Level: Application
Logitech Media Server versions 7.7.3,
7.7.5, 7.9.1, 7.7.2, 7.7.1, 7.7.6 and 7.9.0
No known solution is available as of 18th June, 2018. Information
regarding this issue will be updated once solution details are available.
Common Vulnerability Exposure (CVE) ID: CVE-2017-15687|
|Copyright||Copyright (C) 2017 Greenbone Networks GmbH|
|This is only one of 68714 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.