|Category:||Web application abuses|
|Title:||Logitech Media Server Multiple Persistent XSS Vulnerabilities|
|Summary:||This host is running Logitech Media Server; and is prone to multiple stored cross site scripting vulnerabilities.|
This host is running Logitech Media Server
and is prone to multiple stored cross site scripting vulnerabilities.
Multiple flaws exist due to an insufficient
validation of user supplied input via new favorite field value in favorites
tab and new URL value in Radio URL tab.
Successful exploitation will allow remote
users to execute arbitrary script code in the browser of an unsuspecting user
in the context of the affected site. This may allow the attacker to steal
cookie-based authentication credentials and launch other attacks.
Impact Level: Application
Logitech Media Server version 7.9.0
No solution or patch is available as of
13th November, 2017. Information regarding this issue will be updated once
solution details are available. For updates refer to https://www.logitech.com.
Common Vulnerability Exposure (CVE) ID: CVE-2017-16568|
Common Vulnerability Exposure (CVE) ID: CVE-2017-16567
|Copyright||Copyright (C) 2017 Greenbone Networks GmbH|
|This is only one of 58962 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.