Clickcess ChitChat.NET - topic title Cross-Site Scripting
| EKU-ID: 28494 | CVE: OSVDB-3743 | OSVDB-ID: |
| Author: G00db0y | Published: 2003-08-13 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 28494 | CVE: OSVDB-3743 | OSVDB-ID: |
| Author: G00db0y | Published: 2003-08-13 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/8417/info It has been reported that a html injection issue exists in the Clickcess ChitChat.NET discussion forum software. The vulnerability is reported to be present in the Name and Topic Title text boxes. The problem may allow a remote attacker to inject malicious HTML and script code into the website. This vulerability may lead to cookie-based credential theft. Topic title: <script>alert(Zone-h)</script>