GFI WebMonitor Configuration UI Arbitrary Script Injection Vulnerability

GFI WebMonitor is prone to an arbitrary script-injection vulnerability because it fails to properly sanitize user-supplied input.

An attacker can exploit this issue to execute arbitrary script code in the context of the webserver. This may aid in further attacks.

GFI WebMonitor 2009 Build 20100324 is vulnerable; other versions may also be affected.


 

Privacy Statement
Copyright 2010, SecurityFocus