7 lines
No EOL
566 B
Text
Executable file
7 lines
No EOL
566 B
Text
Executable file
source: http://www.securityfocus.com/bid/9496/info
|
|
|
|
Cherokee has been reported to contain a cross-site scripting vulnerability via error pages.
|
|
|
|
An attacker can exploit this issue by crafting a URI link containing the malevolent HTML or script code, and enticing a user to follow it. The attacker-supplied code may be rendered in the web browser of a user who follows the malicious link. Exploitation of this issue may allow for theft of cookie-based authentication credentials or other attacks.
|
|
|
|
http://www.example.com/<script>alert(document.cookie)</script> |