Agora.CGI Debug Mode Cross-Site Scripting Vulnerability

Solution:
This issue has been addressed in versions 4.0e and later. Affected users are advised to upgrade.

This vulnerability is ONLY present when debug mode is enabled. Debug mode is not enabled by default. Administrators must manually enable it through the configuration interface. Disabling debug mode will completely eliminate this vulnerability.

Web users can disable the execution of JavaScript using the security features of their browser.


Agora.cgi Agora.cgi 3.2 a

Agora.cgi Agora.cgi 3.2 e

Agora.cgi Agora.cgi 3.2 d

Agora.cgi Agora.cgi 3.2 h

Agora.cgi Agora.cgi 3.2 i

Agora.cgi Agora.cgi 3.2 n

Agora.cgi Agora.cgi 3.2 j

Agora.cgi Agora.cgi 3.2 m

Agora.cgi Agora.cgi 3.2 k

Agora.cgi Agora.cgi 3.2 q

Agora.cgi Agora.cgi 3.2 l

Agora.cgi Agora.cgi 3.2

Agora.cgi Agora.cgi 3.2 ja

Agora.cgi Agora.cgi 3.2 f

Agora.cgi Agora.cgi 3.2 r

Agora.cgi Agora.cgi 3.2 c

Agora.cgi Agora.cgi 3.2 g

Agora.cgi Agora.cgi 3.2 b

Agora.cgi Agora.cgi 3.2 p

Agora.cgi Agora.cgi 3.3 f

Agora.cgi Agora.cgi 3.3 e

Agora.cgi Agora.cgi 3.3 b

Agora.cgi Agora.cgi 3.3 i

Agora.cgi Agora.cgi 3.3 d

Agora.cgi Agora.cgi 3.3 a

Agora.cgi Agora.cgi 3.3 j

Agora.cgi Agora.cgi 3.3 c

Agora.cgi Agora.cgi 4.0 c

Agora.cgi Agora.cgi 4.0 a

Agora.cgi Agora.cgi 4.0 b

Agora.cgi Agora.cgi 4.0 d

Agora.cgi Agora.cgi 4.0


 

Privacy Statement
Copyright 2010, SecurityFocus