Advantech WebAccess Stored Cross-Site Scripting
Low Nessus Plugin ID 73642
SynopsisThe remote host is affected by a stored cross-site scripting vulnerability.
DescriptionThe remote host has a version of Advantech WebAccess prior to version 7.1-2013.05.29 (which is reported by installs using the '7.1-2013.05.30' installer package from the vendor). It is, therefore, affected by a stored cross-site scripting vulnerability in the 'ProjDesc' parameter of the '/broadWeb/include/gAddNew.asp' script.
SolutionUpgrade to Advantech WebAccess version 7.1-2013.05.29 (contained in 7.1-2013.05.30 installer package) or higher.