BugTraq
WebsiteBaker CMS lack of sanitizing May 06 2006 12:56PM
zerogue gmail com
WebsiteBaker CMS lack of sanitizing

Discovered by: Nomenumbra

Date: 6/4/2006

impact:moderate (privilege escalation,possible defacement)

A user's display name isn't filtered at all, allowing them to

insert any HTML of javascript code at will.

Nomenumbra/[0x4F4C]

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus