|Category:||Web application abuses|
|Title:||Logitech Media Server Multiple Persistent XSS Vulnerabilities|
|Summary:||This host is running Logitech Media Server; and is prone to multiple stored cross site scripting vulnerabilities.|
This host is running Logitech Media Server
and is prone to multiple stored cross site scripting vulnerabilities.
Multiple flaws exist due to an insufficient
validation of user supplied input via new favorite field value in favorites
tab and new URL value in Radio URL tab.
Successful exploitation will allow remote
users to execute arbitrary script code in the browser of an unsuspecting user
in the context of the affected site. This may allow the attacker to steal
cookie-based authentication credentials and launch other attacks.
Impact Level: Application
Logitech Media Server version 7.9.0
No known solution is available as of 18th May, 2018. Information regarding
this issue will be updated once solution details are available.
Common Vulnerability Exposure (CVE) ID: CVE-2017-16568|
Common Vulnerability Exposure (CVE) ID: CVE-2017-16567
|Copyright||Copyright (C) 2017 Greenbone Networks GmbH|
|This is only one of 69903 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.