JVN#89852154: iLogScanner vulnerable to cross-site scripting

iLogScanner provided by INFORMATION-TECHNOLOGY PROMOTION AGENCY, JAPAN (IPA) is a software that checks access logs to detect suspected attacks against a web server. iLogScanner contains a cross-site scripting vulnerability (CWE-79) due to a flaw when processing analysis results and outputting the results into a HTML page.

Impact

An arbitrary script may be executed on the outputted HTML page when analyzing a specially crafted access log file.

Solution

Update the software
Users of the offline version of iLogScanner should update to the latest version according to the information provided by the developer.

According to the developer, the online version of iLogScanner has already been updated to address this vulnerability.

Products Affected

• iLogScanner V4.0