WebAdmin useredit_account.wdm user Variable XSS

2005-01-28T12:52:42
ID OSVDB:13322
Type osvdb
Reporter OSVDB
Modified 2005-01-28T12:52:42

Description

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, Alt-N has released a patch to address this vulnerability.

Manual Testing Notes

http://[victim]/WebAdmin/useredit_account.wdm?user=%3Cscript%3Ealert('test')%3C/script%3E

References:

Vendor URL: http://www.altn.com/products/default.asp?product%5Fid=WebAdmin Secunia Advisory ID:14079 Related OSVDB ID: 13324 Related OSVDB ID: 13323 Other Advisory URL: http://www.kamborio.com/?Section=Articles&Mode=select&ID=56 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-01/0313.html CVE-2005-0317