Exploit Database - Logo

Xerox DocuShare 6 - docushare/dsweb/ServicesLib/Group URI Cross-Site Scripting

EDB-ID: 31864 Author: Doz Published: 2008-05-29
CVE: CVE-2008-5225 Type: Remote Platform: Hardware
Aliases: N/A Advisory/Source: Link Tags: N/A
E-DB Verified: Verified Exploit: Download Exploit Code Download / View Raw Vulnerable App: N/A
« Previous Exploit Next Exploit » 
source: http://www.securityfocus.com/bid/29430/info
  
Xerox DocuShare is prone to multiple cross-site scripting vulnerabilities.
  
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
  
Xerox DocuShare 6 and prior versions are vulnerable.

http://www.example.com/docushare/dsweb/ServicesLib/Group-#/XSS
« Previous Exploit Next Exploit »

Related Exploits

Trying to match CVEs (1): CVE-2008-5225
Trying to match OSVDBs (1): 45749
Other Possible E-DB Search Terms: Xerox DocuShare 6,  Xerox DocuShare
Date D V Title Author
2014-04-15 Waiting verification Xerox DocuShare - SQL InjectionBrandon Perry
2008-05-29 Verified Xerox DocuShare 6 - dsdn/dsweb/SearchResults URI Cross-Site ScriptingDoz
2008-05-29 Verified Xerox DocuShare 6 - dsdn/dsweb/Services/User URI Cross-Site ScriptingDoz
Menu