Cross site scripting

2006-05-2401:02:00

PRIOn knowledge base

www.prio-n.com

6.3 Medium

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.9%

JSON

Cross-site scripting (XSS) vulnerability in IpLogger 1.7 and earlier allows remote attackers to inject arbitrary HTML or web script via the User-Agent (useragent) header in an HTTP request, which is not filtered when the log files are viewed.

CPENameOperatorVersion
iploggereq1.7

CPE	Name	Operator	Version
	iplogger	eq	1.7

References

secunia.com/advisories/20246

securitytracker.com/id?1016147

www.securityfocus.com/archive/1/434822/100/0/threaded

www.securityfocus.com/archive/1/435005/30/4740/threaded

www.securityfocus.com/bid/18086

www.vupen.com/english/advisories/2006/1937

exchange.xforce.ibmcloud.com/vulnerabilities/26643