[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Manila <= 9.5 - XSS Vulnerabilities
- To: bugtraq@xxxxxxxxxxxxxxxxx
- Subject: Manila <= 9.5 - XSS Vulnerabilities
- From: d4igoro@xxxxxxxxx
- Date: 11 Apr 2006 21:19:26 -0000
Manila <= 9.5 - XSS Vulnerabilities
--------------------------------------------------------
Software: Manila
Version: <= 9.5
Type: Cross Side Scripting Vulnerability
Date: Die Apr 11 21:33:54 CEST 2006
Vendor: UserLand Software
Page: http://manila.userland.com/
Risc: Middle
credits:
----------------------------
d4igoro - d4igoro[at]gmail[dot]com
http://d4igoro.blogspot.com/
vulnerability:
----------------------------
http://[target]/discuss/msgReader$1?mode=[XSS]
http://[target]/newsItems/viewDepartment$[XSS]
solution:
----------------------------
There isn't a solution yet.
notes:
----------------------------
At the time of posting no known official patches are available for this
vulnerability.
The vendor has been informed.