U.S. Dept Of Defense: Corda Server XSS ████████

Summary: Cord server will display the error message if something isn't allowed to be used thus allowing xss Description: /scripts/ctredirector.dll allows users to call images or files. We can use the parameter @FILE to dictate a file or url, if it fails it'll display the url into the page. We the...

Corda Cross Site Scripting / Path Disclosure

Corda Path Disclosure and XSS ============================================================ FOREGROUND SECURITY, SECURITY ADVISORY 2013-002 - Original release date: July 12, 2013 - Discovered by: Adam Willard Software Security Analyst at Foreground Security - Contact: awillard at foregroundsecurit...