Ultimate HelpDesk Index.ASP Cross-Site Scripting Vulnerability

Bugtraq ID:	21402
Class:	Input Validation Error
CVE:	CVE-2006-6380
Remote:	Yes
Local:	No
Published:	Dec 02 2006 12:00AM
Updated:	Jul 04 2008 09:50PM
Credit:	ajann is credited with the discovery of this vulnerability.
Vulnerable:	Ultimate HelpDesk Ultimate HelpDesk 0
Not Vulnerable:	Ultimate HelpDesk Ultimate HelpDesk 3.5.7

Ultimate HelpDesk Index.ASP Cross-Site Scripting Vulnerability

Attackers can exploit this issue by enticing an unsuspected victim to follow a malicious URI.

The following proof-of-concept URI is available:

• /data/vulnerabilities/exploits/21402.html

Ultimate HelpDesk Index.ASP Cross-Site Scripting Vulnerability

References:

• Ultimate HelpDesk Homepage (Ultimate HelpDesk)