Pixar Tractor CVE-2018-5411 HTML Injection Vulnerability

Pixar Tractor is prone to an unspecified HTML-injection vulnerability.

Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or control how the site is rendered to the user. Other attacks are also possible.


Bugtraq ID: 106209
Class: Input Validation Error
CVE: CVE-2018-5411

Remote: Yes
Local: No
Published: Dec 13 2018 12:00AM
Updated: Dec 13 2018 12:00AM
Credit: Unknown
Vulnerable: Pixar Tractor 2.2

Not Vulnerable: Pixar Tractor 2.3 Build 1923604


Attackers can exploit this issue using browser.

Related Posts