<<< Date Index >>>     <<< Thread Index >>>

Interspire ArticleLive 2005 (php version) is vulnerable to XSS




Can you please confirm my suggestion that:

Interspire ArticleLive 2005 (php version) is vulnerable to XSS:

e.g.

http://localhost/articles/newcomment?ArticleId=";>&lt;script&gt;alert('hi')&lt;/script&gt;

// best wishes, mircia [mircia@xxxxxxxxxxxxxxxxxx]