Jetbox CMS 2.1 - '/view/search/?path' Cross-Site Scripting
| EKU-ID: 35163 | CVE: CVE-2007-2732;OSVDB-37451 | OSVDB-ID: |
| Author: Mikhail Markin | Published: 2007-05-15 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 35163 | CVE: CVE-2007-2732;OSVDB-37451 | OSVDB-ID: |
| Author: Mikhail Markin | Published: 2007-05-15 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/23999/info Jetbox CMS is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials and to launch other attacks. Jetbox CMS 2.1 is vulnerable. http://www.example.com/jetbox/index.php/view/search/?path=[xss]