info
discussion
exploit
solution
references
Chipmunk Guestbook Homepage HTML Injection Vulnerability
The following example was provided:
Add an entry form:
http://www.example.com/guestbook/addentry.php
Homepage value: '></a><script>alert(123);</script>
Privacy Statement
Copyright 2010, SecurityFocus
