PT-2005-1916 · Double Choco Latte · Double Choco Latte

Publicado

2005-03-26

Atualizado

2017-07-11

CVE-2005-0888

CVSS v2.0

4.3

Média

Vetor

AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions Double Choco Latte version 0.9.4.3

Description The issue concerns multiple cross-site scripting (XSS) vulnerabilities in the functions.inc.php file. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML via the class or method name.

Recommendations For Double Choco Latte version 0.9.4.3, consider disabling the vulnerable functions in functions.inc.php until a patch is available. Restrict access to the class and method name parameters to minimize the risk of exploitation.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2005-0888

Produtos afetados

Double Choco Latte

PT-2005-1916 · Double Choco Latte · Double Choco Latte

CVE-2005-0888

Identificadores relacionados

Produtos afetados

Referências · 5