CVE-2011-4751

SmarterTools SmarterStats 6.2.4100 generates web pages containing external links in response to GET requests with query strings for frmGettingStarted.aspx, which makes it easier for remote attackers to obtain sensitive information by reading (1) web-server access logs or (2) web-server Referer logs, related to a "cross-domain Referer leakage" issue.
Configurations

Configuration 1 (hide)

cpe:2.3:a:smartertools:smarterstats:6.2.4100:*:*:*:*:*:*:*

History

21 Nov 2024, 01:32

Type Values Removed Values Added
References () http://xss.cx/examples/exploits/stored-reflected-xss-cwe79-smarterstats624100.html - () http://xss.cx/examples/exploits/stored-reflected-xss-cwe79-smarterstats624100.html -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/72203 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/72203 -

Information

Published : 2011-12-16 11:55

Updated : 2024-11-21 01:32


NVD link : CVE-2011-4751

Mitre link : CVE-2011-4751

CVE.ORG link : CVE-2011-4751


JSON object : View

Products Affected

smartertools

  • smarterstats
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor