XSS-vulnerability base/admin/login.php?arsc_message=

Brought to you by: fantoms, pgod, sewilco

#48 XSS-vulnerability base/admin/login.php?arsc_message=

Status: open

Owner: nobody

Labels: None

Priority: 9

Updated: 2011-06-02

Created: 2011-06-02

Private: No

Your application contains lot of input validation bugs, which lead to XSS-vulnerabilities. One example:

Could you go trough your application and add proper validation to the code, thank you!

Henri Salo - 2011-06-02

priority: 5 --> 9
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Henri Salo - 2011-06-02

CVE-identifiers requested: http://www.openwall.com/lists/oss-security/2011/06/02/1

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Henri Salo - 2011-07-24

CVE-2011-2470 is assigned to arsc_message parameter vulnerability.

If you would like to refer to this comment somewhere else in this project, copy and paste the following link: