Summary
This host is running APC PowerChute Business Edition and is prone to cross site scripting vulnerability.
Impact
Successful exploitation will allow remote attackers to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
Impact Level: Application.
Solution
Upgrade to the APC PowerChute Business Edition version 8.5 or later For updates refer to http://www.apc.com/products/family/index.cfm?id=125&ISOCountryCode=us
Insight
The flaw exists due to improper validation of certain unspecified input before being returned to the user.
Affected
APC PowerChute Business Edition version prior to 8.5
References
Severity
Classification
-
CVE CVE-2011-4263 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related Vulnerabilities
- Apple Safari Multiple Vulnerabilities Dec13 (Mac OS X)
- Apple Safari Web Script Execution Vulnerabilites - June09
- Adobe Flash Player Multiple Security Bypass Vulnerabilities - 01 Feb14 (Linux)
- Apple Safari 'javascript: URI' XSS Vulnerability - Sep09
- Adobe Flash Player Multiple Security Bypass Vulnerabilities - 01 Feb14 (Mac OS X)