ovidentiaXSS.txt

2005-07-02T00:00:00
ID PACKETSTORM:38431
Type packetstorm
Reporter RB9
Modified 2005-07-02T00:00:00

Description

                                        
                                            `Ovidentia is a project which allows you to publish with extreme ease  
and very fast an intranet, extranet or internet portal with the  
classic functions of a Content Management System (CMS). Its website is  
at http://www.ovidentia.org  
  
Ovidentia suffers from a vulnerability which allows you to embed XSS  
code such as  
<script>alert(document.cookie)</script>  
as part of the Subject line when starting a new thread in an unlocked  
forum section.  
  
FNSE advisory  
http://fnse.be.tt  
  
Watch out for my new book "How to Make Unhackable French Fries"  
  
RB9  
`