Learn Search

Search across all Learn content

← Back to Security Research

ArticleSetup Multiple Persistence Cross-Site Scripting and SQL Injection Vulnerabilities

SecPod Research Team member (Antu Sanadi) has found Multiple Persistence Cross-Site Scripting and SQL Injection Vulnerabilities in ArticleSetup. The vulnerability is caused by improper validation of various parameters in multiple pages. This may allow an attacker to steal cookie-based authentication...

Mar 29, 2012By Veerendra GG1 min read

SecPod Research Team member (Antu Sanadi) has found Multiple Persistence Cross-Site Scripting and SQL Injection Vulnerabilities in ArticleSetup. The vulnerability is caused by improper validation of various parameters in multiple pages. This may allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

More information can be found here.

Welcome any feedback or suggestion.

Cheers!
SecPod Research Team

ArticleSetup Multiple Persistence Cross-Site Scripting and SQL Injecti | SecPod