Spymac WebOS Blogs blog.php caldate Variable XSS

2005-11-04T13:59:14
ID OSVDB:20906
Type osvdb
Reporter OSVDB
Modified 2005-11-04T13:59:14

Description

Manual Testing Notes

http://[target]/blogs/blog.php?pageid=113733&caldate=1128146400[XSS-CODE] http://[target]/blogs/blog.php?pageid=260&label=Cool%20Stuff&caldate=1128146400[XSS-CODE]

References:

Vendor URL: http://www.spymac.com/ Related OSVDB ID: 20905 Related OSVDB ID: 20904 Related OSVDB ID: 20902 Related OSVDB ID: 20903 Related OSVDB ID: 20907 Other Advisory URL: http://lostmon.blogspot.com/2005/11/spymac-web-os-v4-blogs-and-notes.html FrSIRT Advisory: ADV-2005-2312 CVE-2005-3511