Flyspray Multiple Information Disclosure, HTML Injection, and Cross-Site Scripting Vulnerabilities

info
discussion
exploit
solution
references

Flyspray Multiple Information Disclosure, HTML Injection, and Cross-Site Scripting Vulnerabilities

Attackers can exploit these issues via a browser. To exploit a cross-site scripting issue, an attacker must entice an unsuspecting user to follow a malicious URI.

The following proof-of-concept URIs are available:

/data/vulnerabilities/exploits/28076.html