Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos network security services platform

Bugtraq: XSS on XRMS- open source CRM

XSS on XRMS- open source CRM

From: <vijayv_at_cascentral.com>
Date: 28 Feb 2008 17:24:00 -0000

('binary' encoding is not supported, stored as-is) XRMS: An open source web enabled LAMP based CRM.
Vulnerability: Confirmation messages upon updates in XRMS are clear text passed across in the URL. Simple test of injection of a script resulted in exposing cross site scripting vulnerability.
Received on Feb 28 2008

This message: [ Message body ]
Next message: rPath Update Announcements: "rPSA-2008-0084-1 lighttpd"
Previous message: Raymond_Villafania_at_support.trendmicro.com: "RE: Buffer-overflow in the passwords handling of Trend Micro OfficeScan 8.0 and possibly other products"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]