
ContentDM Search.php XSS Vulnerability






ContentDM has an XSS vulnerability.
Many .gov sites run this software.
CDM fails to block special characters etc., so by searching for  we can make a popup saying XSS.
An attacker could steal cookies, redirect the page etc.
Found by me (Rhys Phillips)
Date found: 3rd August 2007
Date Released: 3rd August 2007
Vendor has been contacted.
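
The fix for this class of bug is to encode the search term for the context it is written into. The following is an added example, not ContentDM source and not part of the original advisory; the parameter name "q", the page markup and the sample input are assumptions made for illustration.

```php
<?php
// Added illustration, not ContentDM code. The "q" parameter and the
// markup produced below are assumptions for this example.

// Vulnerable pattern: the search term is copied into the page unchanged,
// so any markup characters in it become part of the HTML.
function render_results_unsafe(string $term): string {
    return '<input name="q" value="' . $term . '">'
         . '<p>Results for ' . $term . '</p>';
}

// Hardened pattern: encode at the point of output, per output context.
function render_results_safe(string $term): string {
    // HTML body and quoted attribute value: & < > " ' become entities.
    $html = htmlspecialchars($term, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    // URL query component: percent-encode the term first, then
    // HTML-encode the finished URL because it sits inside an attribute.
    $href = htmlspecialchars('search.php?q=' . rawurlencode($term),
                             ENT_QUOTES, 'UTF-8');
    return '<input name="q" value="' . $html . '">'
         . '<p>Results for ' . $html . '</p>'
         . '<a href="' . $href . '">Link to this search</a>';
}

// Constructed sample input: harmless tags plus a quote character.
$term = '"><i>probe</i>';

$unsafe = render_results_unsafe($term);
$safe   = render_results_safe($term);

// Does the tag from the term survive as live markup in each version?
var_dump(strpos($unsafe, '<i>probe</i>') !== false);
var_dump(strpos($safe, '<i>') !== false);

// The encoded page fragment, for inspection.
echo $safe, "\n";
```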
