Network Query Tool Cross-Site Scripting Vulnerability
BID:10205
Info
Network Query Tool Cross-Site Scripting Vulnerability
| Bugtraq ID: | 10205 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 23 2004 12:00AM |
| Updated: | Apr 23 2004 12:00AM |
| Credit: | Discovered by Janek Vind <[email protected]>. |
| Vulnerable: |
[email protected] Network Query Tool 1.6 [email protected] Network Query Tool 1.0 |
| Not Vulnerable: | |
Discussion
Network Query Tool Cross-Site Scripting Vulnerability
A cross-site scripting vulnerability reportedly affects Network Query Tool. According to the report, data passed to script "nqt.php" via HTML variable "portNum" is not encoded before being included as part of the script's HTML output. Symantec is not aware of any fixes.
A cross-site scripting vulnerability reportedly affects Network Query Tool. According to the report, data passed to script "nqt.php" via HTML variable "portNum" is not encoded before being included as part of the script's HTML output. Symantec is not aware of any fixes.
Exploit / POC
Network Query Tool Cross-Site Scripting Vulnerability
There is no exploit code required.
There is no exploit code required.
Solution / Fix
Network Query Tool Cross-Site Scripting Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
References
Network Query Tool Cross-Site Scripting Vulnerability
References:
References: