TUCoPS :: Web BBS :: etc :: b06-3061.htm

aXentForum II XSS vuLLn
aXentForum II XSS vuLLn
aXentForum II XSS vuLLn



vendor:http://www.axent.us/axentforum.cfm=0D 
affected versions:aXentForum II and prior=0D
=0D
aXentForum II contains a flaw that allows a remote Cross-Site Scripting attacks.Input passed to the "startrow" parameter in "viewposts.cfm" isn't properly sanitised before being returned to the user.=0D
This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.=0D
=0D
Turkish hacker

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH