Intrusion Prevention

LiteSpeed.ConfMgr.PHP.M.XSS

Description

It indicates a possible exploit of a cross-site scripting Vulnerability in admin/config/confMgr.php, in LiteSpeed Web Server, that may allow remote attackers to inject an arbitrary web script or HTML via the m parameter.

Affected Products

LiteSpeed Web Server 2.1.5

Impact

Stealing cookie based information.

Recommended Actions

Currently we are not aware of any vendor-supplied patches for this issue.

CVE References

CVE-2005-3695