Allinta CMS Multiple Cross-Site Scripting Vulnerabilities

Allinta CMS Multiple Cross-Site Scripting Vulnerabilities

No exploit is required.

The following examples were provided:

http://example.com/faq.asp?s=[XSS]&roottopicID=&sa=1&submit=Search

http://example.com/search.asp?searchQuery=[XSS]&go=Search&submitted=true