PT-2004-2502 · Fusetalk · Fusetalk

Matthew Oyer

Publicado

2004-10-13

Atualizado

2017-07-11

CVE-2004-1594

CVSS v2.0

4.3

Média

Vetor

AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions FuseTalk version 4.0

Description The issue is related to a cross-site scripting (XSS) vulnerability, which allows remote attackers to execute arbitrary web script. This can be achieved via an img src tag.

Recommendations For FuseTalk version 4.0, consider disabling the ability to include user-supplied input in img src tags until a patch is available. Restrict access to areas where user input is reflected in the application to minimize the risk of exploitation.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2004-1594

Produtos afetados

Fusetalk

PT-2004-2502 · Fusetalk · Fusetalk

CVE-2004-1594

Identificadores relacionados

Produtos afetados

Referências · 5