singapore 0.10.1 Modern Template 'gallery' Parameter Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/27382/info singapore Modern template is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script...

advisory-singapore-modern-template.txt

Singapore Modern Template v1.3.2 pageTitle.'" href="'.$SERVER"PHPSELF"; if isset$GET"gallery" echo '?gallery='.$GET"gallery"; echo '&template=rss" / Input passed to the "gallery" parameter is not properly santised. Therefore the following request would result in a XSS flaw:...

Singapore 0.10.1 Modern Template - 'gallery' Cross-Site Scripting

source: https://www.securityfocus.com/bid/27382/info singapore Modern template is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

Singapore 0.10.1 Modern Template - gallery Cross-Site Scripting

Singapore 0.10.1 Modern Template - gallery Cross-Site Scripting source: https://www.securityfocus.com/bid/27382/info singapore Modern template is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this iss...