CVE-2011-4751

EUVD-2011-4669
SmarterTools SmarterStats 6.2.4100 generates web pages containing external links in response to GET requests with query strings for frmGettingStarted.aspx, which makes it easier for remote attackers to obtain sensitive information by reading (1) web-server access logs or (2) web-server Referer logs, related to a "cross-domain Referer leakage" issue.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 45%
Affected Products (NVD)
VendorProductVersion
smartertoolssmarterstats
6.2.4100
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://xss.cx/examples/exploits/stored-reflected-xss-cwe79-smarterstats624100.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/72203
http://xss.cx/examples/exploits/stored-reflected-xss-cwe79-smarterstats624100.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/72203