FosWiki web application vulnerable to Cross Site Scripting

Sponsored Links

A hacker called "Sony" discovered XSS vulnerability in Foswiki web application, Foswiki is not just a wiki. It is a collaboration platform that provides users with the ability to structure data and build applications..

According to his report, many fields in Foswiki's form are vulnerable to XSS including "My Homepage","comment". Also, lot of websites using the Foswiki web application are vulnerable to XSS.

Most of educational sites(standford.edu,uchicago.edu,mit.edu), government sites and organizations use the Foswiki web application .

Poc:
http://foswiki.org/Main/SonyStyles

Category: / /

Share this with Your friends: