Digirez Multiple Cross-Site Scripting Vulnerabilities

vendor:

Digirez

by:

5.5

CVSS

MEDIUM

Cross-Site Scripting (XSS)

CWE

Product Name: Digirez

Affected Version From: Digirez 3.4

Affected Version To: Digirez 3.4

Patch Exists: NO

Related CWE:

CPE:

Metasploit:

Other Scripts:

Platforms Tested:

Digirez Multiple Cross-Site Scripting Vulnerabilities

Digirez is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials and to launch other attacks.

Mitigation:

It is recommended to sanitize and validate user-supplied input before using it in dynamic web pages.

Source

Digirez Multiple Cross-Site Scripting Vulnerabilities

Mitigation:

Exploit-DB raw data: