Verity K2 Toolkit 2.20 Query Builder Search Script Cross-Site Scripting Vulnerability

2003-07-02T00:00:00
ID EDB-ID:22857
Type exploitdb
Reporter SSR Team
Modified 2003-07-02T00:00:00

Description

Verity K2 Toolkit 2.20 Query Builder Search Script Cross-Site Scripting Vulnerability. Webapps exploit for jsp platform

                                        
                                            source: http://www.securityfocus.com/bid/8074/info

It has been reported that the K2 Toolkit does not sufficiently sanitize input by users. Because of this, it may be possible for an attacker to launch an attack that results in the execution of hostile HTML or script code in the browsers of users that have loaded a malicious link created by the attacker.

http://www.example.com/[search].jsp?[query]=><img src=javascript:alert(document.cookie)>