Exploit Discuz! 2.0/3.0 - Cross-Site Scripting

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
23653
Проверка EDB
  1. Пройдено
Автор
CHENG PENG SU
Тип уязвимости
WEBAPPS
Платформа
PHP
CVE
cve-2004-0254
Дата публикации
2004-02-05
Код:
source: https://www.securityfocus.com/bid/9584/info

It has been reported that Discuz! is prone to an Cross Site Scripting vulnerability. This issue is caused by the application failing to properly sanitize links embedded within user messages. Upon successful exploitation of this issue, a malicious user could steal cookie based authentication credentials or other information within the context of the affected web page.

[img]http://a.gif');alert(document.cookie);a=escape=('a[/img]
 
Источник
www.exploit-db.com

Похожие темы