Arbitrary Javascript Execution via Cross-Site Scripting (XSS) in Faq-O-Matic 2.712

Arbitrary Javascript Execution via Cross-Site Scripting (XSS) in Faq-O-Matic 2.712

CVE-2002-0230 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

Cross-site scripting vulnerability in fom.cgi of Faq-O-Matic 2.712 allows remote attackers to execute arbitrary Javascript on other clients via the cmd parameter, which causes the script to be inserted into an error message.

Learn more about our Web Application Penetration Testing UK.