Pligg CMS -- XSS Vulnerability

2015-05-13T00:00:00
ID C290F093-C89E-11E6-821E-68F7288BDF41
Type freebsd
Reporter FreeBSD
Modified 2015-05-13T00:00:00

Description

Netsparker reports:

Proof of Concept URL for XSS in Pligg CMS: Page: groups.php Parameter Name: keyword Parameter Type: GET Attack Pattern: http://example.com/pligg-cms-2.0.2/groups.php?view=search&keyword='+alert(0x000D82)+' For more information on cross-site scripting vulnerabilities read the article Cross-site Scripting (XSS).