oss-sec mailing list archives
Cross site vulnerability (XSS) in OcPortal CMS 9.0.20
From: CSW Research Lab <disclose () cybersecurityworks com>
Date: Sat, 19 Dec 2015 08:47:01 +0000
Hi all can you please assign CVE for this issue ? http://ocportal.com/site/news/view/security_issues/security-patch-for-xss.htm?filter=1%2C2%2C3%2C29%2C30 Proof of Concept URL *************************** [+] http://localhost/ocportal /data/emoticons.php?field_name=post&keep_session=1 840048647&utheme=default&overlay=1/ [image: XSS on Data_emotions_browser.PNG] Vulnerable Parameter(s): ****************************** [+] Field_Name Credits & Authors -------------------- Arjun Basnet from Cyber Security Works Pvt. Ltd. ( http://cybersecurityworks.com)
Current thread:
- Cross site vulnerability (XSS) in OcPortal CMS 9.0.20 CSW Research Lab (Dec 19)