Hyper NIKKI System Unspecified Cross-Site Scripting Vulnerability
BID:20949
Info
Hyper NIKKI System Unspecified Cross-Site Scripting Vulnerability
| Bugtraq ID: | 20949 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Nov 07 2006 12:00AM |
| Updated: | Nov 08 2006 09:22PM |
| Credit: | Fukumori reported this issue. |
| Vulnerable: |
Hyper NIKKI System Hyper NIKKI System 2.19.8 |
| Not Vulnerable: |
Hyper NIKKI System Hyper NIKKI System 2.19.9 |
Discussion
Hyper NIKKI System Unspecified Cross-Site Scripting Vulnerability
Hyper NIKKI System is prone to an unspecified cross-site scripting vulnerability.
An attacker can exploit this issue to execute arbitrary HTML and script code in a userâ??s browser session in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
The vulnerability is reported in version 2.19.8; prior versions may also be affected.
Hyper NIKKI System is prone to an unspecified cross-site scripting vulnerability.
An attacker can exploit this issue to execute arbitrary HTML and script code in a userâ??s browser session in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
The vulnerability is reported in version 2.19.8; prior versions may also be affected.
Exploit / POC
Hyper NIKKI System Unspecified Cross-Site Scripting Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]
Solution / Fix
Hyper NIKKI System Unspecified Cross-Site Scripting Vulnerability
Solution:
The vendor has released an upgrade that addresses this issue. Users should install the newest version (2.19.9).
Hyper NIKKI System Hyper NIKKI System 2.19.8
Solution:
The vendor has released an upgrade that addresses this issue. Users should install the newest version (2.19.9).
Hyper NIKKI System Hyper NIKKI System 2.19.8
-
Hyper NIKKI System hns-lite-2.19.9.tar.gz
http://www.h14m.org/dist/hns-lite-2.19.9.tar.gz
References
Hyper NIKKI System Unspecified Cross-Site Scripting Vulnerability
References:
References:
- Hyper NIKKI System Home Page (Hyper NIKKI System)
- JVN#88325166 (JVN)