Plume CMS “dir” XSS

Published by TL Guan March 20th, 2008 in Content Management and Cross Site Scripting.

Application: Plume CMS
Affected Version: 1.2.2 and other versions.
Vendor’s URL: http://www.plume-cms.net/
Bug Type: Cross Site Scripting
Risk Level: Medium

Solution:
Edit the source code to ensure that input is properly sanitized.

0 Responses to “Plume CMS “dir” XSS”

Feed for this Entry Trackback Address

No Comments

You must login to post a comment.

Exabytes Security Portal

Categories

Plume CMS “dir” XSS

0 Responses to “Plume CMS “dir” XSS”

Leave a Reply

Search

Subscribe

Latest

Archives