HomePentest-Tools.com Logo

AR Web Content Manager (AWCM) search.php Cross Site Scripting Vulnerability CVE-2011-1668

Severity
Not available
CVSSv3 Score
Not available
Vulnerability description

AR Web Content Manager (AWCM) is prone to a cross-site scripting (XSS) vulnerability.

Risk description

Input passed via the search parameter in search action in search.php is not properly verified before it is returned to the user. This can be exploited to execute arbitrary HTML and script code in a users browser session in the context of a vulnerable site. This may allow an attacker to steal cookie-based authentication credentials and launch further attacks. Successful exploitation could allow an attacker to execute arbitrary HTML code in a users browser session in the context of a vulnerable application.

Recommendation

Apply the patch from below link.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Apr 10, 2011
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available