Webfolio <= 1.1.4 Multiple XSS

Posted on mercoledì 7 marzo 2012 by Ivano Binetti

WebfolioCMS 1.1.4 (and lower) is prone to multiple XSS vulnerabilities in "webfolio/admin/users/edit/<used_id>" pages  - where <used_id> = 1....n - due to an improper input sanitization.

To download my Original Advisory:
Webfolio <= 1.1.4 Multiple XSS

Other publications:
http://packetstormsecurity.org/files/110524/Webfolio-CMS-1.1.4-Cross-Site-Scripting.html
http://1337day.com/exploits/17634

0 Responses to "Webfolio <= 1.1.4 Multiple XSS":