Computer Security

Security Advisory: [DSECRG-08-011 | FIX INFORMATION] Astrosoft HelpDesk Multiple XSS
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

  PlutoStatus Locator v1.0pre (alpha) local file inclusion vulnerability

  scribe 0.2 local file inclusion vulnerability

  StatCounteX 3.0 & 3.1 Admin Vulnerability

  StatCounteX 3.0 & 3.1 Admin Vulnerability

From:Digital Security Research Group [DSecRG] <research_(at)_dsec.ru>
Date:15.02.2008
Subject:[DSECRG-08-011 | FIX INFORMATION] Astrosoft HelpDesk Multiple XSS


Digital Security Research Group [DSecRG] Advisory       #DSECRG-08-011 | FIX INFORMATION


Application:                    Astrosoft HelpDesk
Versions Affected:              < 1.95.228
Vendor URL:                     http://astrosoft.ru/
Bugs:                           Multiple XSS Injections
Exploits:                       YES
Reported:                       29.01.2008
Date of Public Advisory:        04.02.2008
Vendor response:                05.02.2008
Updated Report:                 14.02.2008
Solution:                       HelpDesk was altered to fix this flaw on 13.02.2008. Updated version - 1.95.228
Authors:                        Alexandr Polyakov, Stas Svistunovich
                               Digital Security Research Group [DSecRG] (research [at] dsec [dot] ru)


Contact:        research [at] dsec [dot] ru
               http://www.dsec.ru (in Russian)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server