Version 1
Multiple Cross-site Scripting Vulnerabilities
Created by: Lester Caine, Last modification: 10 Dec 2008 (08:02 UTC) by Lester Caine
This report has been duplicated across several sites, some of which to not list the reported pages. The Secunia report has a list of pages that can be tested and these are all now handled correctly
bitweaver Multiple Cross-Site Scripting Vulnerabilities
Secunia Advisory: SA32014
Example of exploit:
(:exclaim:) A suitable example of that was used to test would be nice ... <script>alert('hi!');</script> is being used for test purposes.
As the problem has been addressed within the core processing of bitweaver, it is not anticipated that other pages would not be processed in the same way.
bitweaver Multiple Cross-Site Scripting Vulnerabilities
Secunia Advisory: SA32014
Example of exploit:
(:exclaim:) A suitable example of that was used to test would be nice ... <script>alert('hi!');</script> is being used for test purposes.
As the problem has been addressed within the core processing of bitweaver, it is not anticipated that other pages would not be processed in the same way.
- articles/edit.php
- articles/list.php
- blogs/list_blogs.php
- blogs/rankings.php
- calendar/index.php
- events/calendar.php
- events/index.php
- events/list_events.php
- fisheye/index.php
- fisheye/list_galleries.php
- liberty/list_content.php
- newsletters/edition.php
- pigeonholes/list.php
- recommends/index.php
- rss/index.php
- stars/index.php
- users/remind_password.php
- wiki/orphan_pages.php
- stats/index.php