TUCoPS :: Web :: Servers :: a6090.htm

Verity Information Server XSS
26th Mar 2003 [SBWID-6090]
COMMAND

	Verity Information Server XSS

SYSTEMS AFFECTED

	Verity Information Server ?

PROBLEM

	Thanks to decka trash [decka_trash@yahoo.com] kind advisory :
	
	I Found A Cross Site Scripting Bug  In  Verity  Information  Server  And
	Will Be Executed.
	
	Example:-
	
	Try To Put A Script In A Search Box But Beginning  With  ">  And  Ending
	With <
	
	More Example:-
	
	"><script>alert(document.cookie)</script><  ...And Search For It.
	

SOLUTION

	?

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH