CVE-2011-4751 Information

Description

SmarterTools SmarterStats 6.2.4100 generates web pages containing external links in response to GET requests with query strings for frmGettingStarted.aspx which makes it easier for remote attackers to obtain sensitive information by reading (1) web-server access logs or (2) web-server Referer logs related to a \cross-domain Referer leakage\ issue.

Reference

http://xss.cx/examples/exploits/stored-reflected-xss-cwe79-smarterstats624100.html https://exchange.xforce.ibmcloud.com/vulnerabilities/72203