CensorNet Professional v4 'lookup _ url' Parameter Cross-Site Scripting Vulnerability
Release date:
Updated on:
Affected Systems:
Censornet CensorNet Professional v4 2.1.7
Censornet CensorNet Professional
Description:
--------------------------------------------------------------------------------
Bugtraq id: 58865
CensorNet Professional is an Internet filtering software proxy.
CensorNet Professional v4 2.1.7 and other versions have security vulnerabilities. After successful exploitation, attackers can execute HTML and script code in affected browsers.
<* Source: M. Heinzl
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Censornet
---------
Currently, the vendor does not provide patches or upgrade programs. We recommend that users who use the software follow the vendor's homepage to obtain the latest version:
Http://www.censornet.com/en/products/censornetpro/