APC PowerChute Business Edition Unspecified Cross Site Scripting Vulnerability Network Vulnerability

Summary

This host is running APC PowerChute Business Edition and is prone to cross site scripting vulnerability.

Impact

Successful exploitation will allow remote attackers to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Impact Level: Application.

Solution

Upgrade to the APC PowerChute Business Edition version 8.5 or later For updates refer to http://www.apc.com/products/family/index.cfm?id=125&ISOCountryCode=us

Insight

The flaw exists due to improper validation of certain unspecified input before being returned to the user.

Affected

APC PowerChute Business Edition version prior to 8.5

References

http://jvn.jp/en/jp/JVN61695284/index.html
http://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000100.html
http://secunia.com/advisories/47113/

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-4263

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Adobe Reader Cross-Site Scripting & Denial of Service Vulnerabilities (Mac OS X)
Apple Safari Secure Cookie Security Bypass Vulnerability (Mac OS X)
Apple Safari Webcore Webkit 'XSSAuditor.cpp' XSS Vulnerability (Windows)
Apple Mac OS X Multiple Vulnerabilities - 02 Jan14
Asterisk CIDR Notation in Access Rule Remote Security Bypass Vulnerability

Take action and discover your vulnerabilities