Description
ServerAdmin/ErrorViewer.jsp in DS3 Authentication Server allow remote attackers to inject arbitrary error-page text via the message parameter.
Exploits (1)
References (2)
Core 2
Core References
Various Sources x_refsource_misc
http://www.digitalsec.net/stuff/explt+advs/DS3.AuthServer.txt
Exploit, Third Party Advisory x_refsource_misc
http://packetstormsecurity.com/files/121862/DS3-Authentication-Server-Command-Execution.html
Scores
EPSS
0.0488
EPSS Percentile
89.6%
Details
CWE
CWE-20
Status
published
Products (1)
ds3/authentication_server
Published
Jun 28, 2013
Tracked Since
Feb 18, 2026