N/A

An issue was discovered in Wowza Streaming Engine before 4.7.1. There is an XSS vulnerability in the HTTP providers (com.wowza.wms.http.HTTPProviderMediaList and com.wowza.wms.http.streammanager.HTTPStreamManager) causing script injection and/or reflection via a crafted HTTP request.

N/A

N/A

Wowza Streaming Engine 跨站脚本漏洞

Wowza Media Systems Streaming Engine是美国Wowza Media Systems公司的一套流媒体服务器软件。 Wowza Streaming Engine 4.7.1之前版本中的com.wowza.wms.http.HTTPProviderMediaList和com.wowza.wms.http.streammanager.HTTPStreamManager存在跨站脚本漏洞。远程攻击者通过发送特制的HTTP请求利用该漏洞注入脚本。

N/A

N/A