|
PostNuke Downloads / Web_Links Modules TTitle Cross-site Scripting Vulnerability
The following proof of concept has been provided: http://www.example.com/[PATH]/modules.php? op=modload&name=Downloads&file=index&req=viewdownloaddetails&lid=[ID] &ttitle=[Yeye XSS ;-)]"%3e[XSS ATTACK] http://www.example.com/[PATH]/modules.php? op=modload&name=Web_Links&file=index&req=viewlinkdetails&lid=[ID] &ttitle=[MORE ? ;-(]"%3e[XSS ATTACK] |
|
|
Privacy Statement |
