SHARE
CORE IMPACT v9 - Exploits Update (Mon Dec 07 2009)
Achievo atksearch Cross Site Scripting Exploit
Exploits/Cross Site Scripting (XSS)/Known Vulnerabilities []
• Mon Dec 07 2009
A Reflected Cross Site Scripting vulnerability was found in the atksearch[contractnumber], atksearch_AE_customer[customer] and atksearchmode[contracttype] variables within the 'Organisation Contracts' administration page. This is because the application does not properly sanitise the users input.
Exploits Vulnerabiltiy: CVE-2009-2733