MKPortal 1.x - Multiple Modules Cross-Site Scripting Vulnerabilities

ID EDB-ID:33206
Type exploitdb
Reporter Inj3ct0r
Modified 2009-08-31T00:00:00


MKPortal 1.x Multiple Modules Cross Site Scripting Vulnerabilities. Webapps exploit for php platform


Multiple modules of MKPortal are prone to cross-site scripting vulnerabilities because the software fails to sufficiently sanitize user-supplied data.

Attacker-supplied HTML or JavaScript code could run in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials; other attacks are also possible.