CVE-2008-1174

AuthentiX 6.3b1 - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in editUser.asp in AuthentiX 6.3b1 Trial allows remote attackers to inject arbitrary web script or HTML via the username parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED

by William Hicks · textwebappsasp

https://www.exploit-db.com/exploits/31314

View Code ZIP pw:eip

References (4)

[Mailing List] http://marc.info/?l=full-disclosure&m=120410229721185&w=2

[Vendor Advisory] http://secunia.com/advisories/29142

[Third Party Advisory, VDB Entry] http://securitytracker.com/id?1019520

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/28040

Scores

EPSS 0.0056

EPSS Percentile 68.1%

Classification

CWE

CWE-79

Status draft

Affected Products (1)

flicks_software/authentix

Timeline

Published Mar 06, 2008

Tracked Since Feb 18, 2026