Tuesday, 18 December 2012

[EN] FIAGallery 2.16 Persistent XSS

Sure, it's another 'admin' XSS. Anyway, a bug is a bug ;)

XSSed parameter 
Check it out at http://wordpress.org/extend/plugins/flash-album-gallery/.

To fix it, pass this variable through htmlentities() when it is displayed.
