vendor:
pisg
by:
5.5
CVSS
MEDIUM
Input Validation
20
CWE
Product Name: pisg
Affected Version From:
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Platforms Tested:
Input Validation Vulnerability in pisg
pisg is prone to an input validation vulnerability. The vulnerability occurs when monitoring an IRC server that allows the use of HTML code as a value for the IRC Nickname. This allows an attacker to inject malicious HTML code into the generated HTML pages by pisg.
Mitigation:
To mitigate this vulnerability, it is recommended to sanitize input values for IRC Nicknames and prevent the use of HTML code. Additionally, it is advised to limit the characters and values allowed for IRC Nicknames.