10 lines
No EOL
557 B
Text
10 lines
No EOL
557 B
Text
source: http://www.securityfocus.com/bid/24365/info
|
|
|
|
WmsCMS is prone to multiple cross-site scripting vulnerabilities because it fails to adequately sanitize user-supplied input data before rendering it in a user's browser.
|
|
|
|
Attackers could exploit these issues to steal cookie-based authentication credentials from legitimate users of the site; other attacks are also possible.
|
|
|
|
WmsCMS 2.0 is vulnerable; other versions may also be affected.
|
|
|
|
http://www.example.com/4print.asp?p=60&sbl=>">[XSS]
|
|
http://www.example.com/4print.asp?p=60&sbr=>">[XSS] |