2 matches found
airkiosk.com XSS vulnerability
Open Bug Bounty ID: OBB-411618 Description| Value ---|--- Affected Website:| airkiosk.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat Shee...
Airkiosk/formlib application is XSS vuln
In the last week I've found a XSS vuln into the Sutra's Airkiosk application for the realtime distribution of flights/booking and check-in interface www.airkiosk.com. The XSS is possible because they are using a VULN/OLD formlib.pl in their application that permits to execute any JavaScript you...