[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
VisionSource CMS <= 0.6 XSS vectors
- To: bugtraq@xxxxxxxxxxxxxxxxx
- Subject: VisionSource CMS <= 0.6 XSS vectors
- From: zerogue@xxxxxxxxx
- Date: 6 May 2006 12:56:32 -0000
VisionSource CMS <= 0.6 XSS vectors
Discovered by: Nomenumbra
Date: 5/4/2006
impact:moderate (privilege escalation,possible defacement)
No data inside the user's profile is filtered thus allowing them to
embed malicious XSS vectors to potentially steal cookies.
Nomenumbra/[0x4F4C]