Cross Site Scripting (XSS) Vulnerability in DomainMOD

Cross Site Scripting (XSS) Vulnerability in DomainMOD

CVE-2018-1000856 · LOW Severity

AV:N/AC:M/AU:S/C:N/I:P/A:N

DomainMOD version 4.09.03 and above. Also verified in the latest version 4.11.01 contains a Cross Site Scripting (XSS) vulnerability in Segment Name field in the segments page that can result in Arbitrary script can be executed on all users browsers who visit the affected page. This attack appear to be exploitable via Victim must visit the vulnerable page. This vulnerability appears to have been fixed in No fix yet.

Learn more about our User Device Pen Test.