vendor:
Red Hat Directory Server
by:
Unknown
5.5
CVSS
MEDIUM
Cross-Site Scripting (XSS)
79
CWE
Product Name: Red Hat Directory Server
Affected Version From: 7.1
Affected Version To: Unknown
Patch Exists: NO
Related CWE:
CPE: redhat:directory_server
Platforms Tested:
Unknown
Cross-Site Scripting Vulnerabilities in Red Hat Directory Server
Red Hat Directory Server is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input.An attacker can exploit these issues to steal cookie-based authentication credentials and launch other attacks.
Mitigation:
To mitigate these vulnerabilities, it is recommended to sanitize user-supplied input before displaying it to users. Additionally, implementing a web application firewall (WAF) can help detect and block XSS attacks.
