ParticleSoft Wiki v1.0.2

Affected files:

Input boxes on editing pages

XSS proof of concept:

We notice that br tags are allowed, so by using a STYLE attribute, with a comment to break up "expression", we can create an XSS vulnerability:

Put the following in when editing a page:

Thanks to Rsnake & Roman Ivanov for the above xss example code.
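
A defensive sketch of the filter fix, added here as an example and not taken from the advisory or from ParticleSoft's code: it keeps the br tag the advisory says is allowed but re-emits it without any attributes, and it flags STYLE values that contain "expression" once CSS comments are removed. The names ALLOWED_TAGS, has_css_expression and sanitize, and the sample input, are constructed for illustration.

```python
import re
from html import escape
from html.parser import HTMLParser

ALLOWED_TAGS = {"br"}  # assumption: the only tag the advisory reports as allowed
CSS_COMMENT = re.compile(r"/\*.*?\*/", re.S)

# Constructed sample: a comment splits the keyword so a plain substring
# search for "expression" does not match the raw attribute value.
SAMPLE = 'line one<br style="w: expr/* c */ession(1)">line two'

def has_css_expression(style: str) -> bool:
    """Strip CSS comments first, then look for expression( in what is left."""
    collapsed = CSS_COMMENT.sub("", style)
    return re.search(r"expression\s*\(", collapsed, re.I) is not None

class _Sanitizer(HTMLParser):
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out = []       # sanitized output fragments
        self.flagged = []   # tags whose STYLE carried an expression (for logging)

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if name == "style" and value and has_css_expression(value):
                self.flagged.append(tag)
        if tag in ALLOWED_TAGS:
            # The actual control: rebuild the tag bare, so STYLE and every
            # other attribute is dropped whether or not detection fired.
            self.out.append(f"<{tag}>")
        # Tags outside the allowlist are dropped; their text is kept, escaped.

    def handle_startendtag(self, tag, attrs):
        self.handle_starttag(tag, attrs)

    def handle_data(self, data):
        self.out.append(escape(data))

def sanitize(markup: str):
    """Return (safe_markup, flagged_tags) for user-supplied page content."""
    parser = _Sanitizer()
    parser.feed(markup)
    parser.close()
    return "".join(parser.out), parser.flagged

if __name__ == "__main__":
    print(sanitize(SAMPLE))
```

The detection is best-effort and only feeds logging; the protection comes from rebuilding allowed tags without attributes.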