Serena TeamTrack 6.1.1 Information Disclosure and Cross-Site Scripting Vulnerability
CVE-2004-2563 · MEDIUM Severity
AV:N/AC:M/AU:N/C:P/I:P/A:N
Serena TeamTrack 6.1.1 allows remote attackers to obtain sensitive information such as user names, versions, and database information, and conduct cross-site scripting (XSS) attacks, via a direct request to tmtrack.dll with modified LoginPage and Template parameters.
Learn more about our User Device Pen Test.