Vulnerabilities > CVE-2007-0583 - Cross-Site Scripting vulnerability in Http Commander Http Commander 6.0
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE network
http-commander
Summary
Multiple cross-site scripting (XSS) vulnerabilities in HTTP Commander 6.0, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) LogoffMessage parameter to logofflast.aspx or the (2) txtUsername parameter to Default.aspx. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |