TSguestbook Message Field HTML Injection Vulnerability

info
discussion
exploit
solution
references

TSguestbook Message Field HTML Injection Vulnerability

No exploit is required. The following proof of concept guestbook entry has been provided to demonstrate exploitation.

Name: Zone-h Security Team

Email: test@test.com

ICQ: 11111111

Homepage: http://www.zone-h.org

Message:<script>alert('Zone-H')</script>