N/A

Wowza Streaming Engine 4.8.0 and earlier from multiple authenticated XSS vulnerabilities via the (1) customList%5B0%5D.value field in enginemanager/server/serversetup/edit_adv.htm of the Server Setup configuration or the (2) host field in enginemanager/j_spring_security_check of the login form. This issue was resolved in Wowza Streaming Engine 4.8.5.

N/A

N/A

Wowza Media Systems Streaming Engine 跨站脚本漏洞

Wowza Media Systems Streaming Engine是美国Wowza Media Systems公司的一套流媒体服务器软件。 Wowza Media Systems Streaming Engine 4.8.0及之前版本中存在跨站脚本漏洞。该漏洞源于WEB应用缺少对客户端数据的正确验证。攻击者可利用该漏洞执行客户端代码。

N/A

N/A