BugTraq
Back to list
|
Post reply
e107 CMS 0.7.2 Chatbox plugin XSS vulnerability
Feb 18 2006 09:08AM
ssteam pl gmail com
Software: e107 CMS 0.7.2
Software Details: Chatbox Plugin v1.0
Class: Remote
Type: XSS
========== Desription ===========
XSS vulnerability exists in e107 0.7.2 CMS.
user input is not correctly sanitized in Chatbox Plugin v1.0.
========== Exploit =============
just paste sample code to a Chatbox:
<script>alert("xss vuln found by ssteam")</script>
Discovered by: marc & shb (ssteam.pl (at) gmail (dot) com [email concealed])
Regards,
marc & shb
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
Software: e107 CMS 0.7.2
Software Details: Chatbox Plugin v1.0
Class: Remote
Type: XSS
========== Desription ===========
XSS vulnerability exists in e107 0.7.2 CMS.
user input is not correctly sanitized in Chatbox Plugin v1.0.
========== Exploit =============
just paste sample code to a Chatbox:
<script>alert("xss vuln found by ssteam")</script>
Discovered by: marc & shb (ssteam.pl (at) gmail (dot) com [email concealed])
Regards,
marc & shb
[ reply ]