Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:61146
HistoryDec 17, 2013 - 12:00 a.m.

FlashCanvas 'proxy.php'跨站脚本漏洞

2013-12-1700:00:00
Root
www.seebug.org
10

0.006 Low

EPSS

Percentile

75.6%

JSON

Bugtraq ID:64251
CVE ID:CVE-2013-6880

FlashCanvas是一个JavaScript库,可使Internet Explorer支持HTML5 Canvas。

FlashCanvas 'proxy.php’脚本不充分校验Referer Header数据,允许远程攻击者利用漏洞提交特制的GET请求,可获取敏感信息或劫持用户会话。
0
FlashCanvas 1.5
厂商补丁:

FlashCanvas

FlashCanvas 1.6已经修复该漏洞,请到厂商的主页下载:

http://flashcanvas.net/

Related

cve 1
prion 1
securityvulns 2
cve
cve
CVE-2013-6880
2019-11-22 18:15:00
prion
prion
Cross site scripting
2019-11-22 18:15:00
securityvulns
securityvulns
FlashCanvas 1.5 proxy.php XSS Vulnerability
2014-01-09 00:00:00
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
2014-01-09 00:00:00

0.006 Low

EPSS

Percentile

75.6%

JSON
Related for SSV:61146
cve1prion1securityvulns2