Vulnerabilities

CVE-2017-17832

by Fred · 22/12/2017

ServersCheck Monitoring Software before 14.2.3 is prone to a cross-site scripting vulnerability as user supplied-data is not validated/sanitized when passed in the settings_SMS_ALERT_TYPE parameter, and JavaScript can be executed on settings-save.html (the Settings – SMS Alerts page).

Date published : 2017-12-22

https://serverscheck.com/monitoring-software/release.asp

http://packetstormsecurity.com/files/145517/ServersCheck-Monitoring-Software-Cross-Site-Scripting.html

Similar

Tags: Cybersecurity Alert