header-logo
Suggest Exploit
vendor:
Classified Script
by:
r007k17
7.5
CVSS
HIGH
Cross-Site Scripting
79
CWE
Product Name: Classified Script
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested: Unknown
Unknown

Cross-Site Scripting Vulnerability in Classified Script

The Classified Script is vulnerable to a cross-site scripting (XSS) attack due to inadequate sanitization of user-supplied data. An attacker can exploit this vulnerability to execute arbitrary script code in the browser of an unsuspecting user, potentially leading to the theft of authentication credentials and other malicious activities.

Mitigation:

To mitigate this vulnerability, it is recommended to implement proper input validation and sanitization techniques to ensure that user-supplied data is properly encoded or filtered.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/48564/info

Classified Script is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. 

http://www.example.com/c-BrowseClassified/q:%5C%22%3E%3Cmarquee%3E%3Ch1%3EXSSed%20By%20r007k17%3C/h1%3E%3C/marquee%3E|p:0|gal:0|typ:|/