Exploit Cisco CallManager 4.1 - Search Form Cross-Site Scripting

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
30077
Проверка EDB
  1. Пройдено
Автор
MARC RUEF
Тип уязвимости
WEBAPPS
Платформа
ASP
CVE
cve-2007-2832
Дата публикации
2007-05-23
Код:
source: https://www.securityfocus.com/bid/24119/info

Cisco CallManager is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input.

Exploiting this vulnerability could allow an attacker to perform cross-site scripting attacks on unsuspecting users in the context of the affected website. As a result, the attacker may be able to steal cookie-based authentication credentials and to launch other attacks.

Cisco CallManager 4.1.1 is reported vulnerable; other versions may also be affected. 

https://www.example.com/CCMAdmin/serverlist.asp?findBy=servername&match=begins&pattern=[xss]
 
Источник
www.exploit-db.com

Похожие темы