Portal Pack Multiple Cross-Site Scripting Vulnerabilities

Portal Pack Multiple Cross-Site Scripting Vulnerabilities

These issues can be exploited through a web client.

The following proof-of-concept URIs are available:

http://www.example.com/cgi-bin/calendar/Visitor.cgi?job=view_event&eventNo=0&sort_order=[XSS]

http://www.example.com/cgi-bin/news/NsVisitor.cgi?job=view_article&articleNo=0&sort_order=[XSS]

http://www.example.com/cgi-bin/search/search.cgi?q=[XSS]

http://www.example.com/cgi-bin/classifieds/viewcat.cgi?cat_id=[XSS]