header-logo
Suggest Exploit
vendor:
Mambo
by:
SecurityFocus
3.3
CVSS
MEDIUM
Cross-Site Scripting
79
CWE
Product Name: Mambo
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2005

Mambo Cross-Site Scripting Vulnerability

It has been reported that the Mambo 'index.php' script is prone to a cross-site scripting vulnerability. This issue is due to a failure of the application to properly validate user supplied URI input. This issue could permit a remote attacker to create a malicious link to the vulnerable application that includes hostile HTML and script code. If this link were followed, the hostile code may be rendered in the web browser of the victim user.

Mitigation:

Input validation should be used to ensure that user supplied data is properly sanitized.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/9890/info
 
It has been reported that the Mambo 'index.php' script is prone to a cross-site scripting vulnerability. This issue is due to a failure of the application to properly validate user supplied URI input. This issue could permit a remote attacker to create a malicious link to the vulnerable application that includes hostile HTML and script code. If this link were followed, the hostile code may be rendered in the web browser of the victim user.

http://www.example.com/index.php?mos_change_template=[XSS]

Navigation

Suggest Exploit

Services By CQR