Limited Black Friday Offer:
Netsweeper 4.0.3 - Cross Site Scripting Injection CVE-2014-9608 Scanner
Remote attacker can perform a reflected cross site scripting attack (XSS) by injecting malicious payload.
Short Info
Level
Medium
Type
Single Scan
Can be used by
Asset Owner
Estimated Time
10 sec
Scan only one
Url
Parent Category
Netsweeper 4.0.3 - Cross Site Scripting Injection CVE-2014-9608 Scanner Detail
Cross-site scripting (XSS) vulnerability in webadmin/policy/group_table_ajax.php/ in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.