Xymon Monitor Unspecified Multiple Cross Site Scripting Vulnerabilities Network Vulnerability

Summary

This host is running Xymon Monitor and is prone to unspecified multiple cross site scripting vulnerabilities.

Impact

Successful exploitation could allow remote attackers to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Impact Level: Application

Solution

Upgrade to Xymon Monitor version 4.3.1 or later, For updates refer to http://xymon.sourceforge.net/

Insight

The flaws are caused by improper validation of user-supplied input by multiple unspecified scripts which allows attackers to execute arbitrary HTML and script code on the web server.

Affected

Xymon Monitor versions 4.3.0 and prior.

References

http://osvdb.org/71489
http://secunia.com/advisories/44036
http://xforce.iss.net/xforce/xfdb/66542
http://xymon.svn.sourceforge.net/viewvc/xymon/branches/4.3.2/Changes?revision=6673&view=markup

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-1716
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Apache Web Server ETag Header Information Disclosure Weakness
AbanteCart Multiple Cross-Site Scripting Vulnerabilities
Apache OFBiz Multiple Cross Site Scripting Vulnerabilities
Adobe ColdFusion HTTP Response Splitting Vulnerability
Adobe Presenter viewer.swf and loadflash.js XSS Vulnerability

Take action and discover your vulnerabilities