APC PowerChute Business Edition Unspecified Cross Site Scripting Vulnerability Network Vulnerability

Summary

This host is running APC PowerChute Business Edition and is prone to cross site scripting vulnerability.

Impact

Successful exploitation will allow remote attackers to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Impact Level: Application.

Solution

Upgrade to the APC PowerChute Business Edition version 8.5 or later For updates refer to http://www.apc.com/products/family/index.cfm?id=125&ISOCountryCode=us

Insight

The flaw exists due to improper validation of certain unspecified input before being returned to the user.

Affected

APC PowerChute Business Edition version prior to 8.5

References

http://jvn.jp/en/jp/JVN61695284/index.html
http://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000100.html
http://secunia.com/advisories/47113/

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-4263

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Brother HL-5370DW Printer 'post/panel.html' Security Bypass Vulnerability
AOLserver Default Password
Apple Safari 'setInterval()' Address Bar Spoofing Vulnerability (Win)
Adobe Reader 'SWF' Information Disclosure Vulnerability (Windows)
Adobe Flex SDK 'SWF' Files Cross-Site Scripting Vulnerability (Windows)

Take action and discover your vulnerabilities