PT-2004-2606 · Pinnacle · Pinnacle Showcenter
Publicado
2004-10-14
·
Atualizado
2017-07-11
·
CVE-2004-1700
CVSS v2.0
4.3
Média
| Vetor | AV:N/AC:M/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Pinnacle ShowCenter version 1.51 build 121
Description
A cross-site scripting issue exists, allowing remote attackers to inject arbitrary HTML or web script. This is achieved via the
Skin parameter, which is echoed in an error message.Recommendations
For Pinnacle ShowCenter version 1.51 build 121, consider restricting access to the
Skin parameter to minimize the risk of exploitation. As a temporary workaround, avoid using the Skin parameter in sensitive operations until a patch is available.Exploit
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Pinnacle Showcenter