[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Contensis CMS XSS vunerability
I have discovered a XSS vunerability in the Contensis
Input passed to the "search" parameter when performing
a search and various fields when using the search isn't properly sanitised ...
The vendors own site was tested in Windows Internet Explorer - the search funstion did not work at all in my versions of Safari or Firefox:
Code example: <script>alert('hello world');</script>