CGI abuses : WebChat XSS

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.0.11470

Category: CGI abuses

Title: WebChat XSS

Summary: NOSUMMARY

Description: Description:

The remote host is vulnerable to a cross site scripting attack through
its web chat module :

- An attacker may create a new user with a bogus email address containing
javascript code
- Then the profile of the newly created user or the 'lost password' page
for this user will display the unprocessed java script to the user

An attacker may use this flaw to steal the cookies of your regular users

Risk factor : Medium
Solution : None at this time, contact the vendor at http://www.webscriptworld.com

Cross-Ref: BugTraq ID: 7190

Copyright This script is Copyright (C) 2003 Renaud Deraison

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.11470
Category:	CGI abuses
Title:	WebChat XSS
Summary:	NOSUMMARY
Description:	Description: The remote host is vulnerable to a cross site scripting attack through its web chat module : - An attacker may create a new user with a bogus email address containing javascript code - Then the profile of the newly created user or the 'lost password' page for this user will display the unprocessed java script to the user An attacker may use this flaw to steal the cookies of your regular users Risk factor : Medium Solution : None at this time, contact the vendor at http://www.webscriptworld.com
Cross-Ref:	BugTraq ID: 7190
Copyright	This script is Copyright (C) 2003 Renaud Deraison