Cross-site Scripting Vulnerability in SmarterStats by SmarterTools
CVE-2010-3425

Currently unrated

Key Information:

Vendor

Smartertools

Status
Smarterstats
Vendor
CVE Published:
16 September 2010

What is CVE-2010-3425?

The SmarterStats application contains a cross-site scripting (XSS) flaw in the UserControls/Popups/frmHelp.aspx component. This vulnerability allows remote attackers to inject arbitrary web scripts or HTML code through the manipulation of the url parameter. It impacts versions 5.3 and 5.3.3819, as well as potentially affecting other similar 5.3 versions. Attackers can exploit this issue to execute malicious scripts in the context of the affected user's session, compromising user data and security.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/41389
third-party-advisoryx_refsource_SECUNIA
http://cloudscan.blogspot.com/2010/09/vendorsmarterstats-...
x_refsource_MISC
http://www.osvdb.org/67895
vdb-entryx_refsource_OSVDB

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.