7 lines
No EOL
555 B
Text
7 lines
No EOL
555 B
Text
source: http://www.securityfocus.com/bid/9588/info
|
|
|
|
It has been reported that Mambo Open Source may be prone to a cross-site scripting vulnerability that may allow a remote attacker to execute arbitrary HTML or script code in a user's browser. The issue exists in the 'Itemid' parameter of 'index.php' script.
|
|
|
|
Mambo Open Source version 4.6 has been reported to be prone to this issue, however, other versions may be affected has well.
|
|
|
|
http://www.example.com/index.php?option=content&task=view&id=1&Itemid="><script>alert(document.domain);</script> |