Assetman <= 2.4a XSS

2006-05-27T00:00:00
ID SECURITYVULNS:DOC:12851
Type securityvulns
Reporter Securityvulns
Modified 2006-05-27T00:00:00

Description

Assetman <= 2.4a XSS

Discovered by: Nomenumbra Date: 23/5/2006 impact:moderate (privilege escalation,possible defacement)

Assetman doesn't filter any of it's input, allowing users to inject arbitrary HTML or javascript code.

Nomenumbra