vendor:
NuSOAP
by:
Not provided
5.5
CVSS
MEDIUM
Cross-Site Scripting (XSS)
79
CWE
Product Name: NuSOAP
Affected Version From: 2000.9.5
Affected Version To: Unspecified
Patch Exists: YES
Related CWE: CVE-2010-0688
CPE: a:nusoap_project:nusoap:0.9.5
Platforms Tested:
2010
Cross-Site Scripting Vulnerability in NuSOAP
The NuSOAP library fails to properly sanitize user-supplied data, leading to a cross-site scripting vulnerability. An attacker can exploit this vulnerability to execute arbitrary script code in the browser of a victim user, potentially leading to theft of authentication credentials and other attacks.
Mitigation:
Upgrade to a patched version of NuSOAP or apply vendor-supplied patches or workarounds to address this vulnerability.