ID
VAR-E-201110-0513
TITLE
Cyclope Internet Filtering Proxy 'user' HTML Injection Vulnerability
Trust: 0.3
DESCRIPTION
Cyclope Internet Filtering Proxy is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.
Trust: 0.3
AFFECTED PRODUCTS
| vendor: | amplusnet | model: | cyclope internet filtering proxy | scope: | eq | version: | 0 | Trust: 0.3 |
EXPLOIT
An attacker can exploit this issue through a browser.
The following example is available.
Bullet list:
<li><a href="/data/vulnerabilities/exploits/50317.py">/data/vulnerabilities/exploits/50317.py</a></li>
Trust: 0.3
PRICE
Free
Trust: 0.3
TYPE
Input Validation Error
Trust: 0.3
CREDITS
loneferret
Trust: 0.3
EXTERNAL IDS
| db: | BID | id: | 50317 | Trust: 0.3 |
REFERENCES
| url: | http://www.cyclope-series.com/download/index.aspx?p=2 | Trust: 0.3 |
SOURCES
| db: | BID | id: | 50317 |
LAST UPDATE DATE
2022-07-27T09:33:09.314000+00:00
SOURCES UPDATE DATE
| db: | BID | id: | 50317 | date: | 2011-10-20T00:00:00 |
SOURCES RELEASE DATE
| db: | BID | id: | 50317 | date: | 2011-10-20T00:00:00 |