Assetman <= 2.4a XSS May 23 2006 05:54PM
zerogue gmail com
Assetman <= 2.4a XSS

Discovered by: Nomenumbra

Date: 23/5/2006

impact:moderate (privilege escalation,possible defacement)

Assetman doesn't filter any of it's input, allowing users

to inject arbitrary HTML or javascript code.

Nomenumbra

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus