Summary
The remote RemotelyAnywhere web interface is vulnerable to a cross site scripting issue.
Description :
A vulnerability in RemotelyAnywhere's web interface allows a remote attacker to inject malicious text into the login screen, this can be used by an attacker to make the user do things he would otherwise not do (for example, change his password after a successful login to some string provided by the malicious text).
Solution
Upgrade to the newest version of this software
Severity
Classification
-
CVSS Base Score: 2.6
AV:N/AC:H/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- phpGraphy 'theme_dir' Parameter Cross Site Scripting Vulnerability
- phpWebSite 'local' Parameter Cross Site Scripting Vulnerability
- MediaWiki 'profileinfo.php' Cross Site Scripting Vulnerability
- Apache Tomcat 'MemoryUserDatabase' Information Disclosure Vulnerability
- Packeteer Web Management Interface Version