header-logo
Suggest Exploit
vendor:
BGS CMS
by:
5.5
CVSS
MEDIUM
Cross-Site Scripting
79
CWE
Product Name: BGS CMS
Affected Version From:
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:

BGSvetionik BGS CMS Cross-Site Scripting Vulnerability

BGSvetionik BGS CMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

Mitigation:

The vendor should update the software to properly sanitize user-supplied input to prevent cross-site scripting attacks. It is recommended to apply the latest patches and updates as they become available.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/38264/info

BGSvetionik BGS CMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. 

http://www.example.com/?action=search&search=[XSS]