PT-2005-1397 · Alt N · Alt-N Webadmin

David Alonso Pérez

Publicado

2005-01-28

Atualizado

2017-07-11

CVE-2005-0319

CVSS v2.0

4.3

Média

Vetor

AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions Alt-N WebAdmin version 3.0.4

Description A direct remote injection issue in the modalfram.wdm component allows remote attackers to load external web pages that appear to originate from the WebAdmin server. This enables the injection of arbitrary HTML or web script, facilitating cross-site scripting (XSS) and phishing attacks.

Recommendations For Alt-N WebAdmin version 3.0.4, consider disabling the modalfram.wdm component as a temporary workaround until a patch is available. Restrict access to the WebAdmin server to minimize the risk of exploitation. Avoid using the WebAdmin server for sensitive operations until the issue is resolved.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2005-0319

Produtos afetados

Alt-N Webadmin

PT-2005-1397 · Alt N · Alt-N Webadmin

CVE-2005-0319

Identificadores relacionados

Produtos afetados

Referências · 4