<<< Date Index >>>     <<< Thread Index >>>

Assetman <= 2.4a XSS



Assetman <= 2.4a XSS

Discovered by: Nomenumbra
Date: 23/5/2006
impact:moderate (privilege escalation,possible defacement)

Assetman doesn't filter any of it's input, allowing users
to inject arbitrary HTML or javascript code.

Nomenumbra