CVE-2006-6363

Name of the Vulnerable Software and Affected Versions BlueSocket Secure Controller (BSC) versions prior to 5.2 BlueSocket Secure Controller (BSC) version 5.1 without 5.1.1-BluePatch

Description A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML via the ad name parameter. This can be exploited by sending malicious input to the admin.pl script.

Recommendations For BlueSocket Secure Controller (BSC) versions prior to 5.2, update to version 5.2 or later. For BlueSocket Secure Controller (BSC) version 5.1, apply the 5.1.1-BluePatch to resolve the issue. As a temporary workaround, consider restricting access to the admin.pl script to minimize the risk of exploitation. Avoid using the ad name parameter in the affected script until the issue is resolved.