Multiple cross-site scripting (XSS) vulnerabilities in IPswitch WhatsUp Professional 2006 and WhatsUp Professional 2006 Premium allow remote malicious users to inject arbitrary web script or HTML via the (1) sDeviceView or (2) nDeviceID parameter to (a) NmConsole/Navigation.asp or (3) sHostname parameter to (b) NmConsole/ToolResults.asp.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ipswitch whatsup professional 2006 |
||
ipswitch whatsup professional 2006_premium |