dotDefender 'clave' Parameter Cross Site Scripting Vulnerability

Attackers can exploit this issue by enticing an unsuspecting user to visit a malicious page.

The following example URI is available:

http://www.example.com/oportunidades/presencial/buscador/sinresultado/?&idPais=3&clave=%3Cimg%20src=%22WTF%22%20onError=%22{


 

Privacy Statement
Copyright 2010, SecurityFocus