Intrusion Prevention

Samsung.Security.Manager.PUT.Method.XSS

Description

This indicates an attack attempt against a Cross-Site Scripting vulnerability in Samsung Security Manager.
The vulnerability is due to insufficient validation of user supplied data in the application. A remote attacker can exploit this by tricking an unsuspecting user into visiting a malicious webpage and execute arbitrary script code within the context of the target user's target application.

Affected Products

Samsung Security Manager Universal 1.5 and prior

Impact

System Compromise: Remote attackers can execute arbitrary script code within the context of the target system

Recommended Actions

Currently we are unaware of any vendor supplied patch for this issue.