AOH :: HP Unsorted A :: BU-1887.HTM

ARISg5 (version 5.0) cross site scripting vulnerability



ARISg5 (version 5.0) cross site scripting vulnerability
ARISg5 (version 5.0) cross site scripting vulnerability



Hello,
Please see the following report:

ARISg5 (version 5.0) cross site scripting vulnerability
-----------------------------------------------------------------------
Application name: ARISg5 (arisglobal)
Version: 5.0
Class: Input Validation Error 
Type: Cross Site Scripting (XSS)
Remote: Yes
Credit: Yaniv Miron
Exploit:

http://SERVER_ADDRESS/Aris/wflogin.jsp?errmsg=XSS msg

Yaniv Miron aka "Lament".
lament@ilhack.org 


The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to abuse@artofhacking.com.