ID de Prueba:	1.3.6.1.4.1.25623.1.0.902330
Categoría:	Web application abuses
Título:	Vaadin URI Parameter Cross Site Scripting Vulnerability
Resumen:	This web application is running with the Vaadin Framework which is; prone to a Cross-Site Scripting vulnerability.
Descripción:	Summary: This web application is running with the Vaadin Framework which is prone to a Cross-Site Scripting vulnerability. Vulnerability Insight: Input passed to the 'URL' parameter in 'index.php', is not properly sanitised before being returned to the user. Vulnerability Impact: Successful exploitation will allow remote attackers to execute arbitrary HTML and script code in a user's browser session in the context of an affected application. Affected Software/OS: Vaadin Framework versions from 6.0.0 up to 6.4.8 Solution: Upgrade to Vaadin Framework version 6.4.9 or later CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-0509 BugTraq ID: 45779 http://www.securityfocus.com/bid/45779 http://dev.vaadin.com/ticket/6257 http://osvdb.org/70398 http://secunia.com/advisories/42879 XForce ISS Database: vaadin-unspec-xss(64626) https://exchange.xforce.ibmcloud.com/vulnerabilities/64626
Copyright	Copyright (C) 2011 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.