CVE-2015-10006

CVSS v2.0

4.0

Medium

Vector

AV:N/AC:L/Au:S/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions admont28 Ingnovarq (affected versions not specified)

Description A problematic issue has been found in admont28 Ingnovarq, affecting some unknown functionality of the file app/controller/insertarSliderAjax.php. The manipulation of the imagetitle argument leads to cross-site scripting. The attack may be launched remotely.

Recommendations To fix this issue, it is recommended to apply a patch with the name 9d18a39944d79dfedacd754a742df38f99d3c0e2. As a temporary workaround, consider restricting the manipulation of the imagetitle argument to minimize the risk of exploitation.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2015-10006

Affected Products

Admont28 Ingnovarq

CVE-2015-10006

Weakness Enumeration

Related Identifiers

Affected Products

References · 7