<<< Date Index >>>     <<< Thread Index >>>

Re: [DSECRG-09-009] APC PowerChute Network Shutdown's Web Interface - XSS vulnerability



Dear Digital Security Research Group,



--Thursday, February 26, 2009, 7:40:50 PM, you wrote to 
bugtraq@xxxxxxxxxxxxxxxxx:



DSRG> Application:                    APC PowerChute Network Shutdown's Web 
Interface
DSRG> Vendor URL:                     http://www.apc.com/
DSRG> Bug:                            XSS/Response Splitting

DSRG> Solution:                       Use Firewall

Just wonder: how can firewall to protect against XSS/response splitting?


-- 
Skype: Vladimir.Dubrovin
~/ZARAZA http://securityvulns.com/