eFront 3.6.14.4 Cross Site Scripting

eFront 3.6.14.4 Cross Site Scripting: Posted Jun 9, 2014; Authored by shyamkumar somana; eFront version 3.6.14.4 suffers from a persistent cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 1bfdf4e5e313b86bfab44f3a367b4a1b877f0878569acb12a689d5637c0cde75; Download | Favorite | View

eFront 3.6.14.4 Cross Site Scripting

# Exploit Title: Persistent Cross Site Scripting Vulnerability in eFront
3.6.14.4
# Date: 05 June 2014
# Exploit Author: shyamkumar somana
# Vendor Homepage: http://www.efrontlearning.net
# Software Link:
https://sourceforge.net/projects/efrontlearning/files/latest/download
# Version: 3.6.14.4
# Tested on: Windows 7
 
#################################################
eFront 3.6.14.4 is vulnerable for a Persistent Cross Site Scripting
Vulnerability.
The vulnerability affects 'surname' parameter(Last Name Field) while
updating the account details.
 
Vendor has supplied a workaround for the vulnerability which can be found
at
 
https://github.com/epignosis/efront_open_source/issues/5
 
#################################################
Greetz : oldmanlab, Jinen Patel

Top Authors In Last 30 Days

Red Hat 234 files
Ubuntu 78 files
Debian 22 files
Gentoo 15 files
tmrswrr 6 files
Jann Horn 4 files
Google Security Research 4 files
Amit Roy 4 files
Furkan Eren Tetik 3 files
ron190 3 files

File Archives

Systems

AIX (429)
Apple (2,089)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,073)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,515)
HPUX (880)
iOS (376)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,207)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,190)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,613)
UNIX (9,424)
UnixWare (187)
Windows (6,665)
Other

eFront 3.6.14.4 Cross Site Scripting

eFront 3.6.14.4 Cross Site Scripting

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

eFront 3.6.14.4 Cross Site Scripting

Share This

eFront 3.6.14.4 Cross Site Scripting

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems