PT-2001-2346 · Aktivate · Aktivate

Published

2001-12-18

Updated

2008-09-10

CVE-2001-1212

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions Aktivate version 1.03

Description A cross-site scripting issue allows remote attackers to execute arbitrary Javascript. This is achieved via the desc parameter in the catgy.cgi file.

Recommendations For Aktivate version 1.03, avoid using the desc parameter in the catgy.cgi file until a fix is available. As a temporary workaround, consider restricting access to the catgy.cgi file to minimize the risk of exploitation.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2001-1212

Affected Products

Aktivate

PT-2001-2346 · Aktivate · Aktivate

CVE-2001-1212

Related Identifiers

Affected Products

References · 5