Home Vendor Advisories Open Source Vul DB Rialto forminfo.asp refno Variable XSS

Wednesday, 03 December 2008

Main Menu Home About us Contact us Services Partners Downloads Online Services Remote Support Helpdesk Backup Reminders Partners We ensure the highest level of vendor support for our clients & have established alliances with the following vendors: Services Spotlight Consulting Our staff have been both technical services providers and managers of IT departments, this enables us to help you to understand your options through independent advice. Read more...   Login Username Password Remember me Lost Password? Tech Zone Vendor Advisories Cisco Microsoft Open Source Vul DB Products Industry News

Rialto forminfo.asp refno Variable XSS Sunday, 19 November 2006 Rialto contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'refno' variable upon submission to the forminfo.asp script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. Read more...

This page was loaded in 0.233 seconds.