Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1427

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2011-1427
Last Modified 21 Sep 2011 11:30:13
Published 15 Mar 2011 01:55:05
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-1427

Summary

Multiple cross-site scripting (XSS) vulnerabilities in Kodak InSite 5.5.2 allow remote attackers to inject arbitrary web script or HTML via the (1) Language parameter to Pages/login.aspx, (2) HeaderWarning parameter to Troubleshooting/DiagnosticReport.asp, or (3) User-Agent header to troubleshooting/speedtest.asp.

Vulnerable Systems

Application

  • Kodak Insite 5.5.2


References

XF - kodakinsite-multiple-xss(65941)

BID - 46762

BUGTRAQ - 20110307 Kodak InSite Login Page Cross-Site Scripting

BUGTRAQ - 20110307 InSite Troubleshooting Cross-Site Scripting

SREASON - 8135


Last Updated: 27 May 2016 10:56:19