HomePentest-Tools.com Logo

F*EX (Framss Fast File EXchange) < 20111129-2 Multiple XSS Vulnerabilities - Active Check CVE-2012-0869CVE-2012-1293

Severity
Not available
CVSSv3 Score
Not available
Vulnerability description

F*EX (Framss Fast File EXchange) is prone to multiple cross-site scripting (XSS) vulnerabilities.

Risk description

The inputs passed via to, from and id parameter to fup is not properly validated, which allows attackers to execute arbitrary HTML and script code in a users browser session in the context of an affected site. Successful exploitation will allow remote attackers to insert arbitrary HTML and script code, which will be executed in a users browser session in the context of an affected site.

Recommendation

Update to version 20111129-2 or later.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Sep 25, 2012
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available