CVE-2011-4273 Information
Description
Multiple cross-site scripting (XSS) vulnerabilities in GoAhead Webserver 2.18 allow remote attackers to inject arbitrary web script or HTML via (1) the group parameter to goform/AddGroup related to addgroup.asp; (2) the url parameter to goform/AddAccessLimit related to addlimit.asp; or the (3) user (aka User ID) or (4) group parameter to goform/AddUser related to adduser.asp.
Reference
http://secunia.com/advisories/46894 http://www.kb.cert.org/vuls/id/384427 https://exchange.xforce.ibmcloud.com/vulnerabilities/70434 Multiple cross-site scripting (XSS) vulnerabilities in GoAhead Webserver 2.18 allow remote attackers to inject arbitrary web script or HTML via (1) the group parameter to goform/AddGroup related to addgroup.asp; (2) the url parameter to goform/AddAccessLimit related to addlimit.asp; or the (3) user (aka User ID) or (4) group parameter to goform/AddUser related to adduser.asp.
Share on: