BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
Kaseya VSA 6.5 Parameter Reflected XSS, Enumeration and Bruteforce Weakness Apr 04 2017 05:57AM
Patrick Webster (patrick osisecurity com au)
https://www.osisecurity.com.au/kaseya-parameter-reflected-xss-enumeratio
n-and-bruteforce-weakness.html

Date:
04-Apr-2017

Software:
Kaseya

Affected version:
Kaseya VSA v6.5.0.0.

Vulnerability details:

1. The "forgot password" function at https://[target]/access/logon.asp
reveals whether a userna...

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus