PT-2011-3000 · Microsoft · Windows Server 2008 R2+1

Sven Taute

Published

2011-08-10

Updated

2020-09-28

CVE-2011-1263

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions Microsoft Windows Server 2008 R2 and R2 SP1

Description A cross-site scripting (XSS) issue exists in the logon page of Remote Desktop Web Access (RD Web Access), allowing remote attackers to inject arbitrary web script or HTML via the URI.

Recommendations For Microsoft Windows Server 2008 R2 and R2 SP1, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2011-1263

Affected Products

Windows Server 2008 R2

Remote Desktop Web Access

PT-2011-3000 · Microsoft · Windows Server 2008 R2+1

CVE-2011-1263

Weakness Enumeration

Related Identifiers

Affected Products

References · 4