- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 30771
- Проверка EDB
-
- Пройдено
- Автор
- JAN FRY
- Тип уязвимости
- REMOTE
- Платформа
- MULTIPLE
- CVE
- cve-2007-6054
- Дата публикации
- 2007-11-15
Код:
source: https://www.securityfocus.com/bid/26465/info
Aruba MC-800 Mobility Controller is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied input data.
Exploiting this issue may allow an attacker to execute HTML and script code in the context of the affected site, to steal cookie-based authentication credentials, or to control how the site is rendered to the user; other attacks are also possible.
https://www.example.com:4343/screens/%22/%3E%3Cscript%3Ealert(1)%3C/script%3E- Источник
- www.exploit-db.com
