ID de Prueba:	1.3.6.1.4.1.25623.1.0.803786
Categoría:	Web application abuses
Título:	Ganglia Web < 3.5.11 XSS Vulnerability - Active Check
Resumen:	Ganglia Web is prone to a cross-site scripting (XSS); vulnerability.
Descripción:	Summary: Ganglia Web is prone to a cross-site scripting (XSS) vulnerability. Vulnerability Insight: Input passed via the 'host_regex' GET parameter to index.php (when 'c' is set to '1') is not properly sanitised before being returned to the user. Vulnerability Impact: Successful exploitation will allow remote attackers to execute arbitrary HTML and script code in a users browser session in context of an affected site and launch other attacks. Affected Software/OS: Ganglia Web version 3.5.10 and probably prior. Solution: Update to version 3.5.11 or later. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2013-6395 100380 http://osvdb.org/100380 55854 http://secunia.com/advisories/55854 [oss-security] 20131126 Re: CVE request: XSS flaw in Ganglia web interface http://seclists.org/oss-sec/2013/q4/346 gangliaweb-cve20136395-xss(89272) https://exchange.xforce.ibmcloud.com/vulnerabilities/89272 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=730507 http://www.rusty-ice.de/advisory/advisory_2013002.txt https://github.com/ganglia/ganglia-web/issues/218
Copyright	Copyright (C) 2013 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.