Summary
The host is installed with WoW Raid Manager and is prone to Cross-Site Scripting vulnerability.
Impact
Successful remote exploitation will let the attacker execute arbitrary code in the scope of the application. As a result the attacker may gain sensitive information and use it to redirect the user to any other malicious URL.
Impact Level: Application
Solution
Upgrade to version 3.5.1
http://www.wowraidmanager.net/downloadrel.php
Insight
The flaw exists due to WoW Raid Manager fails to properly sanitise user supplied input.
Affected
WoW Raid Manager versions prior to 3.5.1.
References
Severity
Classification
-
CVE CVE-2008-6161 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related Vulnerabilities
- Adobe Reader 'file://' URL Information Disclosure Vulnerability Feb07 (Windows)
- Apple Safari libxml Denial of Service Vulnerability
- Asterisk SIP REGISTER Response Username Enumeration Vulnerability
- Apple Mac OS X Denial of Service Vulnerability
- Apple Safari Multiple Memory Corruption Vulnerabilities-03 Aug14 (Mac OS X)