Ultimate Auction ItemList.PL Cross-Site Scripting Vulnerability

An exploit is not required.

An example URI sufficient to demonstrate this issue was provided:

http://www.example.com/cgi-local/auktion/itemlist.pl?category=<script>alert("XSS")</script>


 

Privacy Statement
Copyright 2010, SecurityFocus