[2/5] Hal Networks Products Cross-Site Scripting Vulnerabilities
January 30th, 2008 by 
[2/5] Hal Networks Products Cross-Site Scripting Vulnerabilities
:Some vulnerabilities have been reported in Hal Networks products, which can be exploited by malicious people to conduct cross-site scripting attacks.Input passed to certain parameters is not properly sanitised before being returned to a user. This can be exploited to execute arbitrary HTML and script code in a user’s browser session in context of an affected site.Solution:Reportedly, the vendor has released fixed versions.Provided and/or discovered by:Syuuya UekiOriginal Advisory:http://jvn.jp/jp/JVN%2301162446/index.html
Original post by Pankaj
[2/5] Hal Networks Products Cross-Site Scripting Vulnerabilities
Related Articles:
[2/5] Juniper Networks Secure Access 2000 “delivery_mode” Cross-Site Scripting [2/5] Avaya Products Qt Overlong UTF-8 Sequence Cross-Site Scripting [2/5] Hitachi Cosminexus Products JavaDoc Cross-Site Scripting [2/5] Interstage HTTP Server mod_imap Cross-Site Scripting Vulnerability [2/5] Cybozu Products Cross-Site Scripting and HTTP Header Injection
Posted in Advisories - Exploits | 
| [2/5] Hal Networks Products Cross-Site Scripting Vulnerabilities