virus logo Intrusion Prevention

Syneto.Unified.Threat.Management.Index.php.XSS

description-logoDescription

This indicates an attack attempt to exploit a Cross Site Scripting vulnerability in Syneto Unified Threat Management.
The vulnerability is caused by insufficient sanitizing of user supplied inputs that is being passed to "index.php". A remote attacker can exploit this to execute arbitrary script code in context of the affected site

affected-products-logoAffected Products

Syneto Unified Threat Management 1.4.2
Syneto Unified Threat Management 1.3.3 Community Edition

Impact logoImpact

Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.

recomended-action-logoRecommended Actions

Currently we are not aware of any vendor supplied patch for this issue.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)
ID 31386
Created Mar 27, 2012
Updated Nov 09, 2021
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
Default Action drop
Active
Affected OS Windows, Linux, BSD, Solaris, MacOS
Affected App PHP_app