WebcamXP Chat Name XSS

This script is Copyright (C) 2005-2016 Tenable Network Security, Inc.

Synopsis :

The remote web server is affected by a cross-site scripting

Description :

The remote host is running a version of webcamXP, a webcam software
package and integrated web server for Windows, that suffers from an
HTML injection flaw in its chat feature. An attacker can exploit this
flaw by injecting malicious HTML and script code through the nickname
field to redirect chat users to arbitrary sites, steal authentication
cookies, and the like.

See also :

Solution :

Upgrade to webcamXP version 2.16.478 or later.

Risk factor :

Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 4.3
Public Exploit Available : true

Family: CGI abuses : XSS

Nessus Plugin ID: 18122 ()

Bugtraq ID: 13250

CVE ID: CVE-2005-1189

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now