Progress Software Corporation Progress WhatsUp Gold 跨站脚本漏洞

漏洞信息详情

Progress Software Corporation Progress WhatsUp Gold是美国Progress Software Corporation公司的一款网络监控软件。用于监控整个网络基础设施以及应用程序、配置和网络流量。

Progress WhatsUp Gold 存在跨站脚本漏洞，该漏洞源于在版本21.1.0之前的WhatsUp Gold中，应用程序端点未能充分清除恶意输入。攻击者可利用该漏洞在受害者的浏览器中执行任意代码。

目前厂商已发布升级补丁以修复漏洞，详情请关注厂商主页：

https://knowledgebase.progress.com/articles/Knowledge/WhatsUp-Gold-Security-Bulletin-September-2021

来源:MISC

链接:https://packetstormsecurity.com/files/164359/WhatsUpGold-21.0.3-Cross-Site-Scripting.html

来源:MISC

链接:https://knowledgebase.progress.com/articles/Knowledge/WhatsUp-Gold-Security-Bulletin-September-2021

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/164359/WhatsUpGold-21.0.3-Cross-Site-Scripting.html

来源:nvd.nist.gov

链接:https://nvd.nist.gov/vuln/detail/CVE-2021-41318

来源:www.exploit-db.com

链接:https://www.exploit-db.com/exploits/50366

暂无

Progress Software Corporation Progress WhatsUp Gold 跨站脚本漏洞的修复措施