WoW Raid Manager Cross-Site Scripting Vulnerability Network Vulnerability

Summary

The host is installed with WoW Raid Manager and is prone to Cross-Site Scripting vulnerability.

Impact

Successful remote exploitation will let the attacker execute arbitrary code in the scope of the application. As a result the attacker may gain sensitive information and use it to redirect the user to any other malicious URL. Impact Level: Application

Solution

Upgrade to version 3.5.1 http://www.wowraidmanager.net/downloadrel.php

Insight

The flaw exists due to WoW Raid Manager fails to properly sanitise user supplied input.

Affected

WoW Raid Manager versions prior to 3.5.1.

References

http://secunia.com/advisories/32172
http://sourceforge.net/project/shownotes.php?release_id=631789

Updated on 2015-03-25

Severity

Classification

CVE CVE-2008-6161
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Adobe Reader Multiple Vulnerabilities - Aug07 (Mac OS X)
Adobe Reader Information Disclosure & Denial of Service Vulnerabilities (Windows)
Adobe Reader Information Disclosure & Code Execution Vulnerabilities (Linux)
Asterisk CIDR Notation in Access Rule Remote Security Bypass Vulnerability
Adobe Reader Plugin Signature Bypass Vulnerability (Linux)

Take action and discover your vulnerabilities