Caucho Technology Resin digest.php Cross Site Scripting Vulnerability May 18 2010 11:18PM
xuanmumu gmail com
This vulnerability do not need to login.digest.php use the REQUEST method in a wrong way to accept parameters,the malicious user could submit xss code on this page and an attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.


Test on Resin Professional 3.1.5

[ reply ]


Privacy Statement
Copyright 2010, SecurityFocus