Cross site scripting

2010-03-2517:30:00

PRIOn knowledge base

www.prio-n.com

6.1 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

57.2%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in Jokes Complete Website allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to joke.php and the (2) searchingred parameter to results.php.

References

www.packetstormsecurity.com/1001-exploits/jokescomplete-xss.txt

www.securityfocus.com/bid/37852

exchange.xforce.ibmcloud.com/vulnerabilities/55761