[原文]Incomplete blacklist vulnerability in the checkBlacklist function in CPAINT allows remote attackers to execute arbitrary commands via the (1) ExecuteGlobal function or (2) GetRef statement, which is not included in the blacklist.
CPAINT Ajax Toolkit ExecuteGlobal/GetRef checkBlacklist Function Bypass
Remote / Network Access
Loss of Integrity
CPAINT Ajax Toolkit contains a flaw that allows a remote cross site scripting attack. This flaw exists because the "checkBlacklist" function does not sanitize calls to the "ExecuteGlobal" function and "GetRef" statement. This could allow a malicious user to execute code remotely, leading to a loss of integrity.
Upgrade to version 1.3-SP or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.