Summary
This host is installed with Ecava IntegraXor and is prone to cross site scripting vulnerabilities.
Impact
Successful exploitation will allow attacker to execute arbitrary HTML and script code in a user's browser session in the context of a vulnerable site.
This may allow an attacker to steal cookie-based authentications and launch further attacks.
Impact Level: Application
Solution
Upgrade to the Ecava IntegraXor version 3.60 (Build 4080) or later, For updates refer to http://www.ecava.com/index.htm
Insight
The flaws are caused by improper validation of user-supplied input passed via unspecified vectors, which allows attackers to execute arbitrary HTML and script code on the web server.
Affected
Ecava IntegraXor versions prior to 3.60 (Build 4080).
References
Severity
Classification
-
CVE CVE-2011-2958 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related Vulnerabilities