PT-2004-2596 · Dns4Me · Dns4Me
James Bercegay
·
Publicado
2004-09-18
·
Atualizado
2017-07-11
·
CVE-2004-1690
CVSS v2.0
4.3
Média
| Vetor | AV:N/AC:M/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
DNS4Me version 3.0.0.4
Description
A cross-site scripting (XSS) issue exists in the Web Server of DNS4Me, allowing remote attackers to execute arbitrary web script or HTML via the URL.
Recommendations
For DNS4Me version 3.0.0.4, consider disabling the Web Server functionality until a patch is available to prevent exploitation of the XSS vulnerability.
Exploit
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Dns4Me