WebBatch WebBatch.EXE Cross-Site Scripting and Information Disclosure Vulnerabilities

WebBatch WebBatch.EXE Cross-Site Scripting and Information Disclosure Vulnerabilities

Attackers can exploit these issues via a web browser. To exploit a cross-site scripting vulnerability, an attacker must entice an unsuspecting user to follow a maliciously crafted URI.

The following example URIs are available:

http://www.example.com/webcgi/webbatch.exe?XSS
http://www.example.com/webcgi/webbatch.exe?PATH/XSS

http://www.example.com/webcgi/webbatch.exe?dumpinputdata