Hot Links Lite: url XSS (Cross Site Scripting) Vulnerability

Users of Hot Links Lite please be advised of a XSS (Cross Site Scripting) vulnerability that has been identified.
To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)

EV0142: [eVuln.com] url XSS in Hot Links Lite
Software: Hot Links Lite
Type: Cross Site Scripting
——–Description——–
XSS vulnerability found in url parameter of process.cgi script. This can be used to insert any script code. Admin panel
is vulnerable also.

Read more at http://www.criticalwatch.com

 

Advertisements