Reading Time: 1 minute

hacker in monitorAccording to Homeland Securities Computer Emergency Response Team (US-CERT) SpamTitan contains a reflected cross-site scripting (XSS) vulnerability. SpamTitan is a server system for monitoring email and reducing spam email and other threats.

The vulnerability was found in the auth-settings-x.php page of the management interface. It will enable an attacker to load a malicious script in the context of the user’s browser through thesortdir parameter.

Cross-Site Scripting vulnerabilities allow a third party to manipulate the content or behaviour of a web application in a user’s browser, without compromising the underlying system. Cross-Site Scripting vulnerabilities are often used against specific users of a website to steal their credentials or to conduct spoofing attacks.

SpamTitan customers should apply patch 6.04, release recently by SpamTitan to address this vulnerability.

You should only allow connections from trusted hosts and networks. Restricting access does not prevent XSS or CSRF attacks since the attack comes as an HTTP request from a legitimate user’s host. However, restricting access would prevent an attacker from accessing the web interface using stolen credentials.