source: https://www.securityfocus.com/bid/18348/info
Open Business Management is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize HTML and script code in user-supplied input to several parameters before returning it to the user.
An attacker could exploit this vulnerability to inject hostile HTML and script code into the browser session of other users of the application.
http://obm-host/list/list_index.php?action=search&tf_name=[XSS]
http://obm-host/list/list_index.php?action=search&tf_name=&tf_contact=[XSS]
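
Added example, not part of the original advisory: a log check for requests to the endpoint above whose tf_name or tf_contact value carries HTML metacharacters. The combined access-log format, the sample lines and the function names are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Endpoint and parameters named in the advisory.
ENDPOINT = "/list/list_index.php"
PARAMS = ("tf_name", "tf_contact")
# Characters that let a reflected value break out of text or attribute context.
MARKUP = re.compile(r"[<>\"']")
# Request line of a combined-format access log (assumed log format).
REQUEST = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')

# Constructed sample log lines, not taken from a real system.
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] "GET /list/list_index.php?action=search&tf_name=Smith HTTP/1.1" 200 5120',
    '192.0.2.11 - - [01/Jan/2024:10:01:00 +0000] "GET /list/list_index.php?action=search&tf_name=%3Cb%3Ex%3C%2Fb%3E HTTP/1.1" 200 5188',
    '192.0.2.12 - - [01/Jan/2024:10:02:00 +0000] "GET /obm/list/list_index.php?action=search&tf_name=&tf_contact=%2522%253E HTTP/1.1" 200 5190',
    '192.0.2.13 - - [01/Jan/2024:10:03:00 +0000] "GET /index.php?tf_name=%3Cb%3E HTTP/1.1" 200 900',
]

def suspicious_params(log_line):
    """Return {param: decoded value} for watched parameters that carry markup."""
    match = REQUEST.search(log_line)
    if not match:
        return {}
    url = urlsplit(match.group(1))
    if not url.path.endswith(ENDPOINT):
        return {}
    hits = {}
    # parse_qs decodes once; unquote again to catch double-encoded values.
    for name, values in parse_qs(url.query, keep_blank_values=True).items():
        if name not in PARAMS:
            continue
        for value in values:
            decoded = unquote(value)
            if MARKUP.search(decoded):
                hits[name] = decoded
    return hits

def scan(lines):
    """Return (1-based line number, hits) for every flagged log line."""
    found = []
    for number, line in enumerate(lines, start=1):
        hits = suspicious_params(line)
        if hits:
            found.append((number, hits))
    return found

if __name__ == "__main__":
    for number, hits in scan(SAMPLE_LOG):
        print(number, hits)
```

Legitimate values containing an apostrophe (for example O'Brien) also match, so hits are triage leads rather than confirmed attempts.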