Content-Type Header Misconfiguration in SmarterStats by SmarterTools
CVE-2011-4752

Currently unrated

Key Information:

Vendor: Smartertools
Status: Smarterstats
Vendor: CVE Published:; 16 December 2011

What is CVE-2011-4752?

SmarterTools SmarterStats version 6.2.4100 has a vulnerability related to improper management of Content-Type headers for specific resources. This misconfiguration can permit remote attackers to exploit interpretation conflicts, particularly concerning the frmCustomReport.aspx file and other related assets. Consequently, this may impact client interactions, potentially exposing sensitive data and leading to unauthorized actions.

References

http://xss.cx/examples/exploits/stored-reflected-xss-cwe7...

x_refsource_MISC

https://exchange.xforce.ibmcloud.com/vulnerabilities/72204

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Dec 16, 2011
Vulnerability Reserved
Dec 11, 2011

Smartertools

What is CVE-2011-4752?

References

Timeline