HomePentest-Tools.com Logo

Adiscon LogAnalyzer <= 4.1.6 XSS Vulnerability - Active Check CVE-2018-19877

Severity
CVSSv3 Score
6.1
Vulnerability description

Adiscon LogAnalyzer is prone to a cross-site scripting (XSS) vulnerability.

Risk description

The vulnerability exists within the /login.php page of the site, through the referer parameter. Successful exploitation would allow an attacker to inject arbitrary HTML or JavaScript into the site by crafting a malicious link.

Recommendation

Update to version 4.1.7 or later.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Dec 5, 2018
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available