PT-2004-2596 · Dns4Me · Dns4Me
James Bercegay
·
Published
2004-09-18
·
Updated
2017-07-11
·
CVE-2004-1690
CVSS v2.0
4.3
Medium
| Vector | AV:N/AC:M/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
DNS4Me version 3.0.0.4
Description
A cross-site scripting (XSS) issue exists in the Web Server of DNS4Me, allowing remote attackers to execute arbitrary web script or HTML via the URL.
Recommendations
For DNS4Me version 3.0.0.4, consider disabling the Web Server functionality until a patch is available to prevent exploitation of the XSS vulnerability.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Dns4Me