Exploit ASP-DEV XM Forum RC3 - IMG Tag Script Injection

Exploiter

Хакер
34,599
0
18 Дек 2022
EDB-ID
25324
Проверка EDB
  1. Пройдено
Автор
ZINHO
Тип уязвимости
WEBAPPS
Платформа
ASP
CVE
cve-2005-1008
Дата публикации
2005-03-31
Код:
source: https://www.securityfocus.com/bid/12958/info

XM Forum is reported prone to a script injection vulnerability.

An attacker can supply arbitrary HTML and script code through the BBCode IMG tag to trigger this issue and execute arbitrary script code in a user's browser.

XM Forum RC3 is reported vulnerable. It is possible that other versions are affected as well. 

[IMG]javasc+ript:alert(document.cookie)[/IMG]
 
Источник
www.exploit-db.com

Похожие темы