| New User, Welcome! Login |
Re: XSS vulnerability in Theeta CMS
| From: |
security curmudgeon <jericho attrition org> |
| To: |
advisory htbridge ch |
| Cc: |
bugtraq securityfocus com |
| Subject: |
Re: XSS vulnerability in Theeta CMS |
| Date: |
Sat - Aug 14, 2010 06:50 PM |
: Vulnerability ID: HTB22489
: Reference: http://www.htbridge.ch/advisory/xss_vulnerability_in_theeta_cms_2.html
: Vendor: MN Tech Solutions
: Vulnerable Version: 0.0
: The vulnerability exists due to failure in the "forum.php" script to
: properly sanitize user-supplied input in "forum" variable. Successful
: exploitation of this vulnerability could result in a compromise of the
: application, theft of cookie-based authentication credentials,
: disclosure or modification of sensitive data.
Disclosed on 2009-12-01 by c0dy[at]r00tDefaced.net, and assigned
CVE-2009-4782.
|
|
|
Copyright © 1995-2012 LinuxRocket.net. All rights reserved.
Nearly all of LinuxRocket's features are free. Be kind and donate to the cause!
