HomePentest-Tools.com Logo

F-Secure Policy Manager WebReporting Module XSS And Path Disclosure Vulnerabilities CVE-2011-1102CVE-2011-1103

Severity
Not available
CVSSv3 Score
Not available
Vulnerability description

F-Secure Policy Manager is prone to cross-site scripting (XSS) and path disclosure vulnerabilities.

Risk description

The flaws are caused by an error in the WebReporting interface when processing user-supplied requests, which could allow cross-site scripting and path disclosure attacks. Successful exploitation will allow attacker to disclose potentially sensitive information and execute arbitrary code in the context of an application.

Recommendation

Apply the patch for installed version from the referenced links.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Feb 25, 2011
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available