Smart core system multi-program through persistent XSS and fixes-vulnerability warning-the black bar safety net

2011-01-18T00:00:00
ID MYHACK58:62201128867
Type myhack58
Reporter 佚名
Modified 2011-01-18T00:00:00

Description

Author: B0mbErM@n

Program: <http://www.zhirui.net/>

Version: [security]2.5.0[the government]v2. 8. 0[school]2.5.0[business]3.7.2 and previous versions

Environment: XP&IE6&Firefox/3.6.13

Vulnerability discovery:2010-01-15

Notification-vendor:2010-01-16

Lasting - XSS,background browsing of the triggerXSSstatement

####### XSS

<http://localhost/Book_Write.asp> E-mail:">[XSS] For example:"><SCRIPT>alert("XSS");</SCRIPT>

Fix: filter