HomePentest-Tools.com Logo

CGI:IRC nonjs Interface Cross Site Scripting Vulnerability CVE-2011-0050

Severity
Not available
CVSSv3 Score
Not available
Vulnerability description

CGI:IRC is prone to a cross-site scripting (XSS) vulnerability.

Risk description

The flaw is caused by improper validation of user-supplied input passed via the R parameter in the nonjs interface (interfaces/nonjs.pm), that allows attackers to execute arbitrary HTML and script code on the web server. Successful exploitation will allow attacker to execute arbitrary HTML and script code in a users browser session in the context of an affected site.

Recommendation

Upgrade to CGI:IRC version 0.5.10 or later.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Feb 19, 2011
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available