Summary
OpenCA is vulnerable to a HTML injection attack due to inadequate validation / filtering of user input into a web form frontend.
Versions up to 0.9.2 RC6 are vulnerable.
Detailed info: http://www.securityfocus.com/bid/11113
Solution
Upgrade OpenCA to the newer version.
Severity
Classification
-
CVE CVE-2004-0787 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related Vulnerabilities
- Apache Tomcat Cross-Site Scripting and Security Bypass Vulnerabilities
- Apple Safari Multiple Vulnerabilities
- Apache Struts CookBook/Examples Multiple Cross-Site Scripting Vulnerabilities
- Apache Web Server Configuration File Environment Variable Local Buffer Overflow Vulnerability
- Apache Solr Directory Traversal Vulnerability Jan-14