Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:11514
HistoryJun 04, 2009 - 12:00 a.m.

PRTG Traffic Grapher Monitor_Bandwidth函数跨站脚本漏洞

2009-06-0400:00:00
Root
www.seebug.org
29

0.002 Low

EPSS

Percentile

57.8%

JSON

BUGTRAQ ID: 35128
CVE(CAN) ID: CVE-2009-1849

PRTG Traffic Grapher是一个使用方便的Windows软件,能够对网络带宽的使用进行监控和分类。

PRTG Traffic Grapher没有正确地验证对Monitor_Bandwidth函数所提交的输入参数,如果用户受骗跟随了包含有恶意脚本的链接的话,就会导致在用户浏览器会话中执行跨站脚本。

Paessler PRTG Traffic Grapher 6.2.2.977
厂商补丁:

Paessler

目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

<a href=“http://www.paessler.com/support/kb/questions/prtg6history/” target=“_blank”>http://www.paessler.com/support/kb/questions/prtg6history/</a>

Related

cve 1
prion 1
nvd 1
cvelist 1
openvas 2
cve
cve
CVE-2009-1849
2022-10-03 16:23:59
prion
prion
Cross site scripting
2009-06-01 19:30:00
nvd
nvd
CVE-2009-1849
2009-06-01 19:30:00
cvelist
cvelist
CVE-2009-1849
2022-10-03 16:23:59
openvas
openvas
PRTG Traffic Grapher 'Monitor_Bandwidth' Cross Site Scripting Vulnerability
2009-06-01 00:00:00
PRTG Traffic Grapher 'Monitor_Bandwidth' Cross Site Scripting Vulnerability
2009-06-01 00:00:00

0.002 Low

EPSS

Percentile

57.8%

JSON
Related for SSV:11514
cve1prion1nvd1cvelist1openvas2