8 lines
No EOL
497 B
Text
8 lines
No EOL
497 B
Text
source: https://www.securityfocus.com/bid/18348/info
|
|
|
|
Open Business Management is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize HTML and script code from user-supplied input to several parameters before returning to the user.
|
|
|
|
|
|
An attacker could exploit this vulnerability to inject hostile HTML and script code into the browser session of other users of the application.
|
|
|
|
http://obm-host/user/user_index.php?action=search&tf_login=&tf_lastname=[XSS] |