Summary
This host is running Xymon Monitor and is prone to unspecified multiple cross site scripting vulnerabilities.
Impact
Successful exploitation could allow remote attackers to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
Impact Level: Application
Solution
Upgrade to Xymon Monitor version 4.3.1 or later,
For updates refer to http://xymon.sourceforge.net/
Insight
The flaws are caused by improper validation of user-supplied input by multiple unspecified scripts which allows attackers to execute arbitrary HTML and script code on the web server.
Affected
Xymon Monitor versions 4.3.0 and prior.
References
Severity
Classification
-
CVE CVE-2011-1716 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related Vulnerabilities
- AfterLogic WebMail Pro Multiple Cross Site Scripting Vulnerabilities
- Apache CouchDB Cross Site Request Forgery Vulnerability
- Adobe ColdFusion Multiple Cross Site Scripting Vulnerabilities
- Apache Struts2/XWork Remote Command Execution Vulnerability
- Aker Secure Mail Gateway Cross-Site Scripting Vulnerability