Cross site scripting

2009-06-2523:14:00

PRIOn knowledge base

www.prio-n.com

6.1 Medium

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

76.2%

JSON

Cross-site scripting (XSS) vulnerability in CMD_REDIRECT in DirectAdmin 1.33.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the URI in a view=advanced request.

CPENameOperatorVersion
directadmineq1.33.1
directadmineq1.33.3
directadmineq1.33.4
directadmineq1.292
directadmineq1.33.2
directadminle1.33.6

Name	Operator	Version
directadmin	eq	1.33.1
directadmin	eq	1.33.3
directadmin	eq	1.33.4
directadmin	eq	1.292
directadmin	eq	1.33.2
directadmin	le	1.33.6

References

secunia.com/advisories/35525

www.securityfocus.com/bid/35450

www.vupen.com/english/advisories/2009/1663

exchange.xforce.ibmcloud.com/vulnerabilities/51292

pridels-team.blogspot.com/2009/06/directadmin-v1336-xss-vuln.html