Digital Scribe 1.x - Error Function Cross-Site Scripting
| EKU-ID: 28562 | CVE: OSVDB-2518 | OSVDB-ID: |
| Author: Secunia | Published: 2003-09-05 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 28562 | CVE: OSVDB-2518 | OSVDB-ID: |
| Author: Secunia | Published: 2003-09-05 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/8551/info A problem has been reported in the checking of input by Digital Scribe, potentially allow for cross-site scripting attacks. Because of this, it may be possible for an attacker to steal cookie authentication credentials or launch other attacks. http://www.example.com/login.php?error=<script>(document.cookie)</script>