Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » HNS Multiple Cross-Site Scripting Vulnerability

HNS Multiple Cross-Site Scripting Vulnerability

by Nikola Strahija on February 18th, 2002 Cross-site scripting issues have been discovered in the log.cgi and title.cgi scripts. This may enable an attacker to cause arbitrary script code to be executed on legitimate users of the web diary. Script code will be executed in the legitimate user's browser, in the context of the vulnerable website.


Hyper NIKKI System (hns) is web diary software. It will run on most Unix and Linux variants.

This issue may be exploited by an attacker to steal cookie-based authentication credentials from a user of the web diary.

Remote: Yes

Exploit: There is no exploit code.


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »