PHPResidence <= 0.6 XSS

2006-05-27T00:00:00
ID SECURITYVULNS:DOC:12848
Type securityvulns
Reporter Securityvulns
Modified 2006-05-27T00:00:00

Description

PHPResidence <= 0.6 XSS

Discovered by: Nomenumbra Date: 23/5/2006 impact:moderate (privilege escalation,possible defacement)

PHP Residence software doesn't sanitize any of it's input, allowing a malicious attacker (providing he/she has an account) to inject arbitrary HTML or javascript code

Nomenumbra