2 matches found
Debian Security Advisory DSA 2414-2 (fex)
The remote host is missing an update to fex announced via advisory DSA 2414-2. OpenVAS Vulnerability Test $Id: deb24142.nasl 6612 2017-07-07 12:08:03Z cfischer $ Description: Auto-generated from advisory DSA 2414-2 fex Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...
Debian DSA-2414-2 : fex - insufficient input sanitization
Nicola Fioravanti discovered that FX, a web service for transferring very large files, is not properly sanitizing input parameters of the 'fup'script. An attacker can use this flaw to conduct reflected cross-site scripting attacks via various script parameters. %NASLMINLEVEL 70300 C Tenable Netwo...