BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
BrowserCRM vulnerable for XSS Jan 31 2006 12:03AM
preben watchcom no
Inputs in the BrowserCRM is not properly sanitized, and XSS is possible in a lot of the systems input fields and url parameters.

Some fields have been filtered in a basic form, so that simple scripting like "<script>alert('XSS')</script>" is not possible. Howevere, since the filtering is not based ...

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus