/*  
    Kuon <Armorize Security Team>

    Kuon-[at]-Armorize.com

    YaPiG thanks_comment.php Cross-Site Scripting Vulnerability

    Contact : Kuon-[at]-Armorize.com

    Link : www.Armorize.com
*/

Armorize Technologies Security Advisory

Advisory No: 20061001
Date: 2006/08/25

Affected Software: 
yapig 0.95b

Vulnerability Description: 
Cross-Site Scripting Vulnerability

Detection/Exploit:
http://www.example.com/[PATH]/template/default/thanks_comment.php?D_REFRESH_URL=[XSS]

Disclosure Timeline:
2006/08/17

Armorize Technologies provides next-generation source code analysis tools to help developers identify and remediate vulnerabilities in their web application source. CodeSecure™, Armorize’s premier source code analysis tool is available for analysis of PHP, JSP and ASP. Find out more at www.armorize.com .