PT-2007-6276 · Odyssey · Odysseysuite
R0T
·
Published
2007-10-03
·
Updated
2017-07-29
·
CVE-2007-5183
CVSS v2.0
4.3
Medium
| Vector | AV:N/AC:M/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
OdysseySuite version 4.0.729
Description
The issue is related to a cross-site scripting (XSS) vulnerability. This vulnerability allows remote attackers to inject arbitrary web script or HTML via the
idkey parameter.Recommendations
For version 4.0.729, avoid using the
idkey parameter in the affected Mailbox.mws until the issue is resolved. As a temporary workaround, consider restricting access to the Mailbox.mws module to minimize the risk of exploitation.Exploit
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Odysseysuite