|
Dokeos 'forum' and 'origin' Multiple Cross-Site Scripting Vulnerabilities
Attackers can exploit these issues by enticing an unsuspecting user to follow a malicious URI. The follow proof-of-concept URIs are available: http://www.example.com/main/forum/viewforum.php?cidReq=[Forum-ID]&forum=XSS http://www.example.com/main/forum/viewthread.php?forum=XSS http://www.example.com/main/work/work.php?cidReq=[Forum-ID]&curdirpath=/&display_upload_form=true&origin=XSS |
|
|
Privacy Statement |
