- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 23605
- Проверка EDB
-
- Пройдено
- Автор
- CéSAR FERNáNDEZ
- Тип уязвимости
- REMOTE
- Платформа
- SOLARIS
- CVE
- cve-2004-2171
- Дата публикации
- 2004-01-26
Код:
source: https://www.securityfocus.com/bid/9496/info
Cherokee has been reported to contain a cross-site scripting vulnerability via error pages.
An attacker can exploit this issue by crafting a URI link containing the malevolent HTML or script code, and enticing a user to follow it. The attacker-supplied code may be rendered in the web browser of a user who follows the malicious link. Exploitation of this issue may allow for theft of cookie-based authentication credentials or other attacks.
http://www.example.com/<script>alert(document.cookie)</script>- Источник
- www.exploit-db.com
