RemotelyAnywhere Cross Site Scripting Network Vulnerability

Summary

The remote RemotelyAnywhere web interface is vulnerable to a cross site scripting issue. Description : A vulnerability in RemotelyAnywhere's web interface allows a remote attacker to inject malicious text into the login screen, this can be used by an attacker to make the user do things he would otherwise not do (for example, change his password after a successful login to some string provided by the malicious text).

Solution

Upgrade to the newest version of this software

Severity

Classification

CVSS Base Score: 2.6
AV:N/AC:H/Au:N/C:P/I:N/A:N

Related Vulnerabilities

phpGraphy 'theme_dir' Parameter Cross Site Scripting Vulnerability
phpWebSite 'local' Parameter Cross Site Scripting Vulnerability
MediaWiki 'profileinfo.php' Cross Site Scripting Vulnerability
Apache Tomcat 'MemoryUserDatabase' Information Disclosure Vulnerability
Packeteer Web Management Interface Version

Take action and discover your vulnerabilities