Cross-site scripting (XSS) vulnerability in DFLabs PTK 1.0.0 up to and including 1.0.4 allows remote malicious users to inject arbitrary web script or HTML by providing a forensic image containing HTML documents, which are rendered in web browsers during inspection by PTK. NOTE: the vendor states that the product is intended for use in a laboratory with "no contact from / to internet."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
dflabs ptk 1.0.0 |
||
dflabs ptk 1.0.1 |
||
dflabs ptk 1.0.2 |
||
dflabs ptk 1.0.3 |
||
dflabs ptk 1.0.4 |