Summary
This host has ELOG installed and is prone to cross-site scripting vulnerability.
Impact
Attackers can exploit this issue to steal cookie-based authentication credentials by conducting Cross-Site Scripting attacks on the affected system.
Impact Level: System/Application
Solution
Upgrade ELOG Version to 2.7.2 or later.
https://midas.psi.ch/elog/download/
Insight
An error occurs while processing malicious user supplied data passed into the 'logbook' module and can be exploited to inject arbitrary HTML and script code in the context of the affected application.
Affected
ELOG versions prior to 2.7.2
References
Severity
Classification
-
CVE CVE-2008-7206 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related Vulnerabilities