PT-2007-2662 · Audins · Audins Audiens

Published

2007-03-03

Updated

2017-07-29

CVE-2007-1241

CVSS v2.0

5.8

Medium

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:N

Name of the Vulnerable Software and Affected Versions Audins Audiens version 3.3

Description A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML via the PATH INFO in setup.php.

Recommendations For Audins Audiens version 3.3, update the setup.php file to properly sanitize the PATH INFO input to prevent XSS attacks.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2007-1241

Affected Products

Audins Audiens

PT-2007-2662 · Audins · Audins Audiens

CVE-2007-1241

Related Identifiers

Affected Products

References · 6