[DSECRG-08-011 | FIX INFORMATION] Astrosoft HelpDesk Multiple XSS

2008-02-15T00:00:00
ID SECURITYVULNS:DOC:19129
Type securityvulns
Reporter Securityvulns
Modified 2008-02-15T00:00:00

Description

Digital Security Research Group [DSecRG] Advisory #DSECRG-08-011 | FIX INFORMATION

Application: Astrosoft HelpDesk Versions Affected: < 1.95.228 Vendor URL: http://astrosoft.ru/ Bugs: Multiple XSS Injections Exploits: YES Reported: 29.01.2008 Date of Public Advisory: 04.02.2008 Vendor response: 05.02.2008 Updated Report: 14.02.2008 Solution: HelpDesk was altered to fix this flaw on 13.02.2008. Updated version - 1.95.228 Authors: Alexandr Polyakov, Stas Svistunovich Digital Security Research Group [DSecRG] (research [at] dsec [dot] ru)

Contact: research [at] dsec [dot] ru http://www.dsec.ru (in Russian)