
Contensis CMS XSS vulnerability






Hello,

I have discovered an XSS vulnerability in the Contensis CMS.

Input passed to the "search" parameter when performing a search and various fields when using the search isn't properly sanitised ...

The vendor's own site was tested in Windows Internet Explorer - the search function did not work at all in my versions of Safari or Firefox:
http://www.contensis.net

Code example:


thanks
smigoftheDump

