header-logo
Suggest Exploit
vendor:
JEUS
by:
SecurityFocus
7.5
CVSS
HIGH
Cross Site Scripting
79
CWE
Product Name: JEUS
Affected Version From: 3.1.4p1
Affected Version To: 3.2.2002
Patch Exists: Yes
Related CWE: N/A
CPE: //a:tmaxsoft:jeus
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2002

Tmax Soft JEUS Cross Site Scripting Vulnerability

Tmax Soft JEUS is vulnerable to a cross site-scripting attack. The vulnerability is present in the url.jsp script of the Tmax Soft JEUS server. An attacker may exploit this vulnerability by enticing a victim user to follow a malicious link.

Mitigation:

Upgrade to the latest version of Tmax Soft JEUS (3.2.2 or later)
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/7969/info

Reportedly, Tmax Soft JEUS is vulnerable to a cross site-scripting attack. The vulnerability is present in the url.jsp script of the Tmax Soft JEUS server.

An attacker may exploit this vulnerability by enticing a victim user to follow a malicious link.

It should be noted that although this vulnerability has been reported to affect Tmax Soft JEUS version 3.1.4p1, all version prior to release 3.2.2 are also reported vulnerable.

http://www.example.com/url.jsp?foo=<script>alert('XSS vulnerability exists!')</script>

Navigation

Suggest Exploit

Services By CQR