CVE-2013-0709

Name of the Vulnerable Software and Affected Versions dopvSTAR* 0091

Description The issue allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer header, which is not properly handled during display of the access log. This is a cross-site scripting (XSS) issue.

Recommendations For dopvSTAR* 0091, consider restricting access to the access log display to minimize the risk of exploitation. As a temporary workaround, avoid using the HTTP Referer header in the access log display until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.