Cilem Haber Free Edition - 'hata.asp?hata' Cross-Site Scripting
| EKU-ID: 34420 | CVE: CVE-2006-6536;OSVDB-36403 | OSVDB-ID: |
| Author: ShaFuck31 | Published: 2006-12-08 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 34420 | CVE: CVE-2006-6536;OSVDB-36403 | OSVDB-ID: |
| Author: ShaFuck31 | Published: 2006-12-08 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/21511/info Ã?ilem Haber Free Edition is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user. This may help the attacker steal cookie-based authentication credentials and launch other attacks. http://www.example.com/[path to script]/editor_haber/hata.asp?hata=[XSS]