Selenium Web Server 1.0 - Cross-Site Scripting
| EKU-ID: 34248 | CVE: CVE-2006-6124;OSVDB-30454 | OSVDB-ID: |
| Author: Greg Linares | Published: 2006-11-15 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 34248 | CVE: CVE-2006-6124;OSVDB-30454 | OSVDB-ID: |
| Author: Greg Linares | Published: 2006-11-15 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/21100/info
Biba Selenium Web Server is prone to a cross-site scripting because the application fails to sufficiently sanitize user-supplied input.
An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may lead to other attacks.
http://www.example.com/%3Cscript%3Ealert('CSS_Vulnerable')%3C/script%3E