Cross-Site Scripting Vulnerability in Cerberus FTP Server
CVE-2007-5930

Currently unrated

Key Information:

Vendor: Cerberus
Status: Ftp Server
Vendor: CVE Published:; 10 November 2007

What is CVE-2007-5930?

The Cerberus FTP Server presents a cross-site scripting vulnerability in its web interface, which allows remote attackers to inject arbitrary web scripts or HTML. This can lead to unauthorized actions being performed in the context of the affected user session or the theft of sensitive information. Users of Cerberus FTP Server versions prior to 2.46 should ensure they update their software to mitigate potential exploits of this vulnerability.

References

http://www.securityfocus.com/bid/26381

vdb-entryx_refsource_BID

http://osvdb.org/38789

vdb-entryx_refsource_OSVDB

http://secunia.com/advisories/27569

third-party-advisoryx_refsource_SECUNIA

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 10, 2007
Vulnerability Reserved
Nov 9, 2007

CVE-2007-5930 Data

JSON