Acunetix discovered XSS vulnerabilities! (localhost site) - Joomla! Forum - community, help and support
hi,
first of all, apologize english.
acunetix discovered xss vulnerabilities on localhost joomla! 2.5.8 website.
there more 5000 high level alerts found (and scanning not finished)!
as can see (there many results , dont understand everything), vulnerabilities related contact forms.
in cases, these vulnerability descriptions:
attack details
path fragment input - set 09" onmouseover=prompt(936561) bad="
the input reflected inside tag parameter between double quotes.
attack details
url encoded input limitstart set 0" onmouseover=prompt(949486) bad="
the input reflected inside tag parameter between double quotes.
attack details
url encoded input start set 5" onmouseover=prompt(931283) bad="
the input reflected inside tag parameter between double quotes.
attack details
url encoded input amp;view set featured" onmouseover=prompt(992604) bad="
the input reflected inside tag parameter between double quotes.
attack details
url encoded input amp;limitstart set 0" onmouseover=prompt(916266) bad="
the input reflected inside tag parameter between double quotes.
attack details
url encoded input task set weblink.go" onmouseover=prompt(917344) bad="
the input reflected inside tag parameter between double quotes.
...
i finished site, , plans copy remote host... but, after these results not know
please, can give me advice.
first of all, apologize english.
acunetix discovered xss vulnerabilities on localhost joomla! 2.5.8 website.
there more 5000 high level alerts found (and scanning not finished)!
as can see (there many results , dont understand everything), vulnerabilities related contact forms.
in cases, these vulnerability descriptions:
attack details
path fragment input - set 09" onmouseover=prompt(936561) bad="
the input reflected inside tag parameter between double quotes.
attack details
url encoded input limitstart set 0" onmouseover=prompt(949486) bad="
the input reflected inside tag parameter between double quotes.
attack details
url encoded input start set 5" onmouseover=prompt(931283) bad="
the input reflected inside tag parameter between double quotes.
attack details
url encoded input amp;view set featured" onmouseover=prompt(992604) bad="
the input reflected inside tag parameter between double quotes.
attack details
url encoded input amp;limitstart set 0" onmouseover=prompt(916266) bad="
the input reflected inside tag parameter between double quotes.
attack details
url encoded input task set weblink.go" onmouseover=prompt(917344) bad="
the input reflected inside tag parameter between double quotes.
...
i finished site, , plans copy remote host... but, after these results not know
please, can give me advice.
please scanning script developer report here response
Comments
Post a Comment