vendor:
ASP-Nuke
by:
Unknown
5.5
CVSS
MEDIUM
Cross-Site Scripting (XSS)
79
CWE
Product Name: ASP-Nuke
Affected Version From: 2.0.7
Affected Version To: Unknown
Patch Exists: NO
Related CWE:
CPE: a:aspnuke:asp-nuke:2.0.7
Platforms Tested:
Unknown
Cross-Site Scripting Vulnerability in ASP-Nuke
The vulnerability allows an attacker to perform cross-site scripting attacks on unsuspecting users in the context of the affected website. This can lead to the theft of cookie-based authentication credentials and enable the attacker to launch further attacks.
Mitigation:
To mitigate this vulnerability, it is recommended to sanitize user input and implement proper output encoding to prevent the execution of malicious scripts.