Intrusion Prevention

eFiction.Cross-Site.Scripting

Description

It indicates a possible exploit of SQL injection and cross site scripting vulnerabilities in eFiction software program. These vulnerabilities may allow an attacker to view and modify sensitive information, gain unauthorized access, modify and corrupt the underlying database application, and obtain authentication credentials of a victim.

Affected Products

efiction 2.0, efiction 1.1, and efiction 1.0

Impact

Information disclosure and Gain access.

Recommended Actions

The vendor has released patches to address these issues. Upgrades are available as well. Please see reference for more information.

Other References

1