|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Manila <= 9.5 - XSS Vulnerabilities
d4igoro
gmail.com
Date: Tue Apr 11 2006 - 16:19:26 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Manila <= 9.5 - XSS Vulnerabilities
--------------------------------------------------------
Software: Manila
Version: <= 9.5
Type: Cross Side Scripting Vulnerability
Date: Die Apr 11 21:33:54 CEST 2006
Vendor: UserLand Software
Page: http://manila.userland.com/
Risc: Middle
credits:
----------------------------
d4igoro - d4igoro[at]gmail[dot]com
http://d4igoro.blogspot.com/
vulnerability:
----------------------------
http://[target]/discuss/msgReader$1?mode=[XSS]
http://[target]/newsItems/viewDepartment$[XSS]
solution:
----------------------------
There isn't a solution yet.
notes:
----------------------------
At the time of posting no known official patches are available for this vulnerability.
The vendor has been informed.
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]