5 lines
No EOL
387 B
Text
5 lines
No EOL
387 B
Text
source: http://www.securityfocus.com/bid/10203/info
|
|
|
|
An attacker may be capable of executing arbitrary script code in a browser of a target user and within the context of a visited web site. This may potentially lead to theft of cookie based authentication credentials, other attacks are also possible.
|
|
|
|
http://www.example.com/fullnews.php?id=<script>alert(document.cookie);</script> |