Clickcess ChitChat.NET name XSS

2003-08-13T00:00:00
ID EDB-ID:23032
Type exploitdb
Reporter G00db0y
Modified 2003-08-13T00:00:00

Description

Clickcess ChitChat.NET name XSS. Webapps exploit for asp platform

                                        
                                            source: http://www.securityfocus.com/bid/8417/info

It has been reported that a html injection issue exists in the Clickcess ChitChat.NET discussion forum software. The vulnerability is reported to be present in the Name and Topic Title text boxes. The problem may allow a remote attacker to inject malicious HTML and script code into the website.

This vulerability may lead to cookie-based credential theft.

Name: <script>alert(Zone-h1)</script>