Thomson SpeedTouch 500 Series Cross-Site Scripting Vulnerability

This issue can be exploited through use of a web client.

The following proof of concept URI is available:
http://www.example.com/cgi/b/intfs/_intf_/ov/?ce=1&be=0&l0=3&l1=1&name=[code here]
http://www.exmaple.com/cgi/b/intfs/_intf_/ov/?0=10&1=usrAccApply&34=NewUser&36=1&33=test&31=[code here]


 

Privacy Statement
Copyright 2010, SecurityFocus