Threat Encyclopedia

ICT.Protege.GX.WX.Stored.XSS

description-logoDescription

This indicates an attack attempt to exploit a Cross Site Scripting Vulnerability in ICT Protege GX/WX.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application while handling maliciously crafted requests. A remote attacker may be able to exploit this to execute arbitrary script code in a user's browser.

affected-products-logoAffected Products

ICT Protege GX
Ver: 2.08.1002 K1B3
Lib: 04.00.217
Int: 2.3.235.J013
OS: 2.0.20
ICT Protege WX
Ver: 4.00 284 H062
App: 02.08.766
Lib: 04.00.169
Int: 02.2.208

Impact logoImpact

System Compromise: Remote attackers can execute arbitrary script code within the context of the target user's browser.

recomended-action-logoRecommended Actions

Currently we are unaware of any vendor supplied patch for this issue.

Telemetry logoTelemetry