MRBS 'area' Parameter Multiple Cross-Site Scripting Vulnerabilities

Attackers can exploit these issues by enticing an unsuspecting user to follow a malicious URI.

The following example URIs are available:

http://www.example.com/path/day.php?area=[XSS]
http://www.example.com/path/week.php?area=[XSS]
http://www.example.com/path/month.php?area=[XSS]
http://www.example.com/path/search.php?area=[XSS]
http://www.example.com/path/report.php?area=[XSS]
http://www.example.com/path/help.php?area=[XSS]


 

Privacy Statement
Copyright 2010, SecurityFocus