CVE-2012-6339 in FTP Serverinfo

Summary

Multiple cross-site scripting (XSS) vulnerabilities in the administrative web interface in Cerberus FTP Server before 5.0.6.0 allow (1) remote attackers to inject arbitrary web script or HTML via a log entry that is not properly handled within the Log Manager component, and might allow (2) remote authenticated administrators to inject arbitrary web script or HTML via a Messages field to the servermanager program.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Responsible

Reservation

12/13/2012

Disclosure

12/31/2012

Moderation

VulDB entry created

Entries

VDB-63281

CPE

ready

CWE

CWE-79 (Confirmed)

CVSS

4.3

EPSS

0.00254

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2012-6339
NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-6339
CVE Details	https://www.cvedetails.com/cve/CVE-2012-6339/

◂ Previous Overview Next ▸