5 lines
No EOL
458 B
Text
5 lines
No EOL
458 B
Text
source: http://www.securityfocus.com/bid/8862/info
|
|
|
|
Vivisimo Clustering Engine reported prone to cross-site scripting vulnerability. The problem occurs due to insufficient sanitization of parameters passed to the search script. As a result, an attacker may be capable of constructing a link designed to execute arbitrary script code within the browser of a user who follows it.
|
|
|
|
http://www.example.com/search?query=<script>alert(document.domain)</script> |