Credit:
---------------------------------------------
Isfahan University of Technology - Computer Emergency Response Team
Thanks to : N. Fathi, M. R. Faghani
Credit:
------------------
Isfahan University of Technology - Computer Emergency Response Team
Thanks to : M. Fereidounian, M. R. Faghani, N. Fathi,E. Jafari
Credit:
------------------
Isfahan University of Technology - Computer Emergency Response Team
Thanks to : M. Fereidounian, M. R. Faghani, N. Fathi, E. Jafari
:
: Input validation of Parameter "q" should be corrected.
:
: Credit:
:
: Isfahan University of Technology - Computer Emergency Response Team
:
: Thanks to : N. Fathi, E. Jafari, M. R. Faghani
So a University of Technology maintains a CERT team, that discloses the
most basic of XSS flaws, and you cannot even figure out which script is
Input Validation Filter should be patched.
Credit:
------------------
Isfahan University of Technology - Computer Emergency Response Team
Thanks to : M. R. Faghani, N. Fathi, E. Aerabi, E. Jafari
Credit:
------------------
Isfahan University of Technology - Computer Emergency Response Team
Thanks to : M. Fereidounian, M. R. Faghani, N. Fathi,E. Jafari
Credit:
------------------
Isfahan University of Technology - Computer Emergency Response Team
Thanks to : M. Fereidounian, M. R. Faghani, N. Fathi,E. Jafari
Credit:
------------------
Isfahan University of Technology - Computer Emergency Response Team
Thanks to : N. Fathi, E. Jafari, M. R. Faghani
PoC : http://[target]/IBSng/util/show_multistr.php?str=[xss]
Original Advisory : http://nsec.ir/
Credit: Isfahan University of Technology - Computer Emergency Response Team
Input validation of Parameter "q" should be corrected.
Credit:
------------------
Isfahan University of Technology - Computer Emergency Response Team
Thanks to : E. Jafari, N.Fathi, M. R. Faghani
Credit:
------------------
Isfahan University of Technology - Computer Emergency Response Team
Thanks to : E. Jafari, N. Fathi, M. R. Faghani
