Yoast SEO 1.14.15 Cross Site Scripting

2013-08-31T00:00:00
ID PACKETSTORM:123028
Type packetstorm
Reporter Sean Roberts
Modified 2013-08-31T00:00:00

Description

                                        
                                            `Discussion:  
Yoast SEO Plugin v1.14.15 has a xss vulnerability due to lack of search  
sanitation.  
  
Exploit:  
This can be exploited with a browser and is usually executed inside the  
search parameter of the website.  
  
Proof of concept:  
http://5linx.com/?s="><script>alert(document.cookie);</script>  
`