First published: Mon May 24 2010(Updated: )
Multiple cross-site scripting (XSS) vulnerabilities in resin-admin/digest.php in Caucho Technology Resin Professional 3.1.5, 3.1.10, 4.0.6, and possibly other versions allow remote attackers to inject arbitrary web script or HTML via the (1) digest_realm or (2) digest_username parameters. NOTE: some of these details are obtained from third party information.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Caucho Resin | =4.0.6 | |
Caucho Resin | =3.1.5 | |
Caucho Resin | =3.1.10 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.