10 lines
No EOL
714 B
Text
10 lines
No EOL
714 B
Text
source: https://www.securityfocus.com/bid/14498/info
|
|
|
|
DVBBS is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input.
|
|
|
|
An attacker may leverage these issues to execute arbitrary code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
|
|
|
|
http://www.example.com/boardhelp.asp?boardid=0&act=2&title=[XSS-CODE]
|
|
http://www.example.com/boardhelp.asp?boardid=0&view=faq[XSS-CODE]&act=3
|
|
http://www.example.com/boardhelp.asp?boardid=0&view=faq&act=3[XSS-CODE]
|
|
http://www.example.com/boardhelp.asp?boardid=0&act=2[XSS-CODE]&title= |