PT-2006-2490 · Conftool · Conftool

Botan

Published

2006-03-29

Updated

2018-10-18

CVE-2006-1482

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions: Conftool version 1.1

Description: A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via the page parameter in the index.php file.

Recommendations: For Conftool version 1.1, update the index.php file to properly sanitize the page parameter to prevent XSS attacks.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-1482

Affected Products

Conftool

PT-2006-2490 · Conftool · Conftool

CVE-2006-1482

Related Identifiers

Affected Products

References · 9