Nuked-Klan 1.3 - Multiple Cross-Site Scripting Vulnerabilities

ID EDB-ID:22276
Type exploitdb
Reporter gregory Le Bras
Modified 2003-02-23T00:00:00


Nuked-Klan 1.3 Multiple Cross Site Scripting Vulnerabilities. CVE-2003-1238. Webapps exploit for php platform


It has been reported that Nuked-Klan beta 1.3 is prone to cross site scripting attacks. The problem occurs in the 'Team', 'News', and 'Liens' modules which fails to sufficiently sanitize user-supplied HTML and script code located in URI parameters.

This vulnerability was reported for Nuked-Klan beta 1.3; earlier versions may also be affected.<script>alert('Test');</script><script>alert('test');</script><script>alert('test');</script>