• info
• discussion
• exploit
• solution
• references

Yappa-NG Unspecified Cross-Site Scripting Vulnerability

There is no exploit required.

The following proof of concept URI are available:
http://www.example.com/admin_modules/admin_module_info.inc.php?lang_akt[admin_ainfo_hmain]=[XSS]
http://www.example.com/src/index_footer-copyright.inc.php?config[release]=[XSS]
http://www.example.com/src/index_thumbs.inc.php?page[thumb_table_width]=[XSS]