SHARE
CORE IMPACT v10 - Exploits Update (Mon Feb 01 2010)
Testlink login Cross Site Scripting Exploit
Exploits/Cross Site Scripting (XSS)/Known Vulnerabilities []
• Mon Feb 01 2010
A cross-site scripting vulnerability is present in TestLink before 1.8.5 allowing remote attackers to inject arbitrary web script or HTML via the req parameter to login.php.
Exploits Vulnerabiltiy: CVE-2009-4237