ADPLAN Version 3, web access measurement software provided by Opt, Inc., contains a cross-site scripting vulnerability in the SEO (search engine optimization) module.
A website that employs ADPLAN Version 3 service generates a web page using the HTTP header information sent from a client web browser.
However, as the HTTP header information sent from a user's web browser is not handled correctly by ADPLAN Version 3, an arbitrary script could be executed on the user's web browser if the user is forced to visit a site using ADPLAN service through an attack.
An arbitrary script may be executed on the user's web browser.
Update the Software
We recommend users upgrade to the latest version of the software provided by the vendor.
## Products Affected
ADPLAN Version 3's SEO module