CVE-2011-4751

SmarterStats 6.2.4100 - Cross-Domain Referer Leakage via frmGettingStarted.aspx

Title source: llm
STIX 2.1

Description

SmarterTools SmarterStats 6.2.4100 generates web pages containing external links in response to GET requests with query strings for frmGettingStarted.aspx, which makes it easier for remote attackers to obtain sensitive information by reading (1) web-server access logs or (2) web-server Referer logs, related to a "cross-domain Referer leakage" issue.

References (2)

Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/72203

Scores

EPSS 0.0116
EPSS Percentile 63.4%

Details

CWE
CWE-200
Status published
Products (1)
smartertools/smarterstats 6.2.4100
Published Dec 16, 2011
Tracked Since Feb 18, 2026