PY Software Active Webcam 4.3 - WebServer Cross-Site Scripting
| EKU-ID: 28896 | CVE: OSVDB-3138 | OSVDB-ID: |
| Author: Luigi Auriemma | Published: 2003-12-19 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 28896 | CVE: OSVDB-3138 | OSVDB-ID: |
| Author: Luigi Auriemma | Published: 2003-12-19 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/9261/info
A vulnerability has been reported to be present in the software that may allow a remote attacker to execute HTML or script code in a user's browser.
It has been reported that the problem arises when the software returns an error message to the user that may contain unsanitized data. The script code would run in the context of the user running the vulnerable software.
http://www.example.com:8080/<script>alert('XSS example');</script>