Fusionphp Fusion News 3.6.1 - Cross-Site Scripting
| EKU-ID: 29466 | CVE: OSVDB-5622 | OSVDB-ID: |
| Author: DarkBicho | Published: 2004-04-23 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 29466 | CVE: OSVDB-5622 | OSVDB-ID: |
| Author: DarkBicho | Published: 2004-04-23 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/10203/info An attacker may be capable of executing arbitrary script code in a browser of a target user and within the context of a visited web site. This may potentially lead to theft of cookie based authentication credentials, other attacks are also possible. http://www.example.com/fullnews.php?id=<script>alert(document.cookie);</script>