Arbitrary Code Execution via Cross-Site Scripting in Artica Web Proxy

Arbitrary Code Execution via Cross-Site Scripting in Artica Web Proxy

CVE-2017-17055 · HIGH Severity

AV:N/AC:M/AU:S/C:C/I:C/A:C

Artica Web Proxy before 3.06.112911 allows remote attackers to execute arbitrary code as root by conducting a cross-site scripting (XSS) attack involving the username-form-id parameter to freeradius.users.php.

Learn more about our Web App Pen Testing.