|
|
WebWorks Help Multiple Cross Site Scripting Vulnerabilities
WebWorks Help is prone to multiple cross-site scripting vulnerabilities because the software fails to sufficiently sanitize user-supplied input An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. The following products include the vulnerable application: ePublisher 2009.2 ePublisher 2009.1 ePublisher 2008.4 ePublisher 2008.3 ePublisher 2008.2 ePublisher 2008.1 ePublisher 9.3 ePublisher 9.2 ePublisher 9.1 ePublisher 9.0 WebWorks Publisher 8 WebWorks Publisher 7 WebWorks Publisher 6 ESX 4.0 without patch ESX400-200911223-UG vCenter 4.0 GA VMware Server 2.0.2 VMware Lab Manager 2.x VMware vCenter Lab Manager 3.x VMware vCenter Lab Manager 4.0 VMware vCenter Stage Manager 1.x Computer Associates SiteMinder 6.0 SP4 and prior |
|
Privacy Statement |