info
discussion
exploit
solution
references
SurgeLDAP User.CGI Cross-Site Scripting Vulnerability
The following example was submitted:
http://www.example.com:6680/user.cgi?cmd=<script>alert('C.S.S')</script>&utoken=
Privacy Statement
Copyright 2010, SecurityFocus
