9 lines
No EOL
636 B
Text
9 lines
No EOL
636 B
Text
source: https://www.securityfocus.com/bid/13372/info
|
|
|
|
yappa-ng is prone to an unspecified cross-site scripting vulnerability. This issue may allow for theft of cookie-based authentication credentials or other attacks.
|
|
|
|
The vendor has not published any specific details about this vulnerability other than stating that it is addressed in the 2.3.2 security release of the software.
|
|
|
|
http://www.example.com/admin_modules/admin_module_info.inc.php?lang_akt[admin_ainfo_hmain]=[XSS]
|
|
http://www.example.com/src/index_footer-copyright.inc.php?config[release]=[XSS]
|
|
http://www.example.com/src/index_thumbs.inc.php?page[thumb_table_width]=[XSS] |