JVN#36339873: dopvSTAR* vulnerable to cross-site scripting

2013-02-28T00:00:00
ID JVN:36339873
Type jvn
Reporter Japan Vulnerability Notes
Modified 2013-02-28T00:00:00

Description

dopvSTAR provided by bayashi.net is a software to analyze web access logs. dopvSTAR contains a cross-site scripting vulnerability.

## Impact

An arbitrary script may be executed on the user's web browser.

## Solution

Modify the JavaScript
Modify the JavaScript that enables to log accesses, according to the information provided by the developer.

## Products Affected

  • dopvSTAR* containing JavaScript that enables to log accesses, which had been available on bayashi.net until January 7, 2013