Описание
SmarterTools SmarterStats 6.2.4100 generates web pages containing external links in response to GET requests with query strings for frmGettingStarted.aspx, which makes it easier for remote attackers to obtain sensitive information by reading (1) web-server access logs or (2) web-server Referer logs, related to a "cross-domain Referer leakage" issue.
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:smartertools:smarterstats:6.2.4100:*:*:*:*:*:*:*
EPSS
Процентиль: 46%
0.0023
Низкий
5 Medium
CVSS2
Дефекты
CWE-200
Связанные уязвимости
github
больше 3 лет назад
SmarterTools SmarterStats 6.2.4100 generates web pages containing external links in response to GET requests with query strings for frmGettingStarted.aspx, which makes it easier for remote attackers to obtain sensitive information by reading (1) web-server access logs or (2) web-server Referer logs, related to a "cross-domain Referer leakage" issue.
EPSS
Процентиль: 46%
0.0023
Низкий
5 Medium
CVSS2
Дефекты
CWE-200