Summary
This host is running NuSOAP and is prone to Cross-site scripting Vulnerability.
Impact
Successful exploitation will allow attackers to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site.
Impact Level: Application.
Solution
Apply the patch provided by vendor. For updates refer to http://nusoap.sourceforge.net/
Insight
The flaw is due to an input validation error in
/api/soap/mantisconnect.php in NuSOAP.
Affected
NuSOAP version 0.9.5.
References
Severity
Classification
-
CVE CVE-2010-3070 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related Vulnerabilities