• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Ipswitch Whatsup Gold Cross-Site Scripting Vulnerability

Ipswitch Whatsup Gold is prone to a file disclosure vulnerability. This is due to a lack of proper sanitization of user-supplied input.

A remote attacker may exploit this vulnerability to reveal files that contain potentially sensitive information. Information that is harvested in this manner may then be used to aid in further attacks against the software and the computer that is hosting the software.