Multiple cross-site scripting (XSS) vulnerabilities in IPswitch WhatsUp Professional 2006 and WhatsUp Professional 2006 Premium allow remote attackers to inject arbitrary web script or HTML via unknown vectors in (1) NmConsole/Tools.asp and (2) NmConsole/DeviceSelection.asp. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Whatsup_professional | Ipswitch | 2006 (including) | 2006 (including) |
| Whatsup_professional | Ipswitch | 2006_premium (including) | 2006_premium (including) |