Bugtraq mailing list archives
ARISg5 (version 5.0) cross site scripting vulnerability
From: "Yaniv Miron" <lament () ilhack org>
Date: Fri, 26 Feb 2010 03:30:58 +0200
Hello, Please see the following report: ARISg5 (version 5.0) cross site scripting vulnerability ----------------------------------------------------------------------- Application name: ARISg5 (arisglobal) Version: 5.0 Class: Input Validation Error Type: Cross Site Scripting (XSS) Remote: Yes Credit: Yaniv Miron Exploit: http://SERVER_ADDRESS/Aris/wflogin.jsp?errmsg=XSS msg<script>alert('Test XSS')</script> Yaniv Miron aka "Lament". lament () ilhack org
Current thread:
- ARISg5 (version 5.0) cross site scripting vulnerability Yaniv Miron (Feb 26)