CVE-2006-3261 Information

Description

Cross-site scripting (XSS) vulnerability in Trend Micro Control Manager (TMCM) 3.5 allows remote attackers to inject arbitrary web script or HTML via the username field on the login page which is not properly sanitized before being displayed in the error log.

Reference

http://secunia.com/advisories/20794 http://securityreason.com/securityalert/1159 http://securitytracker.com/id?1016372 http://www.securityfocus.com/archive/1/438158/100/0/threaded http://www.securityfocus.com/bid/18619 http://www.vupen.com/english/advisories/2006/2526 https://exchange.xforce.ibmcloud.com/vulnerabilities/27388