Xymon 4.3.1前版本XSS漏洞(CVE-2011-1716)公告

关键漏洞信息 漏洞名称: Xymon monitor cross-site scripting vulnerabilities 日期: 2011.04.20 贡献者: Henrik Storner 风险级别: Low CVE编号: CVE-2011-1716 CWE编号: CWE-79 CVSS Base Score: 4.3/10 - Impact Subscore: 2.9/10 - Attack Complexity: Medium - Confidentiality Impact: None - Integrity Impact: Partial - Availability Impact: None - Exploitability Subscore: 8.6/10 - Exploit Range: Remote - Authentication: No required 漏洞描述: Several cross-site scripting vulnerabilities have been identified in the Xymon systems- and network-monitoring tool available at http://sourceforge.net/projects/xymon/ - All versions prior to 4.3.1 (released April 3, 2011) are vulnerable. 致谢: Thanks to David Ferrest for notifying of this issue. References: - http://xymon.svn.sourceforge.net/viewvc/xymon/branches/4.3.2/Changes?revision=6673&view=markup - http://xforce.iss.net/xforce/xfdb/66542 - http://www.securityfocus.com/bid/47156 - http://www.securityfocus.com/archive/1/517325/100/0/threaded - http://www.securityfocus.com/archive/1/517316/100/0/threaded - http://secunia.com/advisories/44036 - http://osvdb.org/71489

目标达成 感谢每一位支持者 — 我们达成了 100% 目标！

Xymon 4.3.1前版本XSS漏洞(CVE-2011-1716)公告

目标达成感谢每一位支持者 — 我们达成了 100% 目标！