Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Caucho Technology Resin digest.php Cross Site Scripting Vulnerability
May 18 2010 11:18PM
xuanmumu gmail com
This vulnerability do not need to login.digest.php use the REQUEST method in a wrong way to accept parameters，the malicious user could submit xss code on this page and an attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.
[ more ]
Copyright 2010, SecurityFocus