AlstraSoft E-Friends - XSS



Alstrasoft E-friends allows you to run a community site like MySpace and Friendster.

Effected files or areas of site:


The input forms on the following items belowdo not properlly filter out all potential harmful characters. XSS are possible because of this.

Posting a blog

Posting a listing

Posting an event

Adding comments

Sending a message

