Bài liên quan
# Exploit Title: Persistent Cross Site Scripting Vulnerability in eFront3.6.14.4# Date: 05 June 2014# Exploit Author: shyamkumar somana# Vendor Homepage: http://www.efrontlearning.net# Software Link:https://sourceforge.net/projects/efrontlearning/files/latest/download# Version: 3.6.14.4#################################################eFront 3.6.14.4 is vulnerable for a Persistent Cross Site ScriptingVulnerability.The vulnerability affects 'surname' parameter(Last Name Field) whileupdating the account details.Vendor has supplied a workaround for the vulnerability which can be foundathttps://github.com/epignosis/efront_open_source/issues/5#################################################Greetz : oldmanlab, Jinen Patel
Post a Comment