Vulnerability   
Search   
    Search 202850 CVE descriptions
and 87302 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.11470
Category:CGI abuses
Title:WebChat XSS
Summary:NOSUMMARY
Description:Description:

The remote host is vulnerable to a cross site scripting attack through
its web chat module :

- An attacker may create a new user with a bogus email address containing
javascript code
- Then the profile of the newly created user or the 'lost password' page
for this user will display the unprocessed java script to the user


An attacker may use this flaw to steal the cookies of your regular users

Risk factor : Medium
Solution : None at this time, contact the vendor at http://www.webscriptworld.com

Cross-Ref: BugTraq ID: 7190
CopyrightThis script is Copyright (C) 2003 Renaud Deraison

This is only one of 87302 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.