Cross Site Scripting (XSS) Found in Magix - FOCSoft

Description:-

An independent vulnerability researcher has discovered a Cross-Site Scripting (XSS) vulnerability in Magix Website www.catooh.com, which can be exploited by an attacker to conduct XSS attacks.


Proof of concept:-

http://www.catooh.com/us/sys/id/Katalog/area/8039/"/index.php?resize=0&popid=10&part=body&mediaId=%22%27%3Cimg%20src=x%20onerror=prompt%281%29%3E

FOCSoft.BlogSpot.Com

Conclusion:-

This vulnerability has been confirmed and patched by Magix Security Team. I would like to thank them for their quick response to my report.

Magix Hall of Fame:-

http://research.magix.com/

FOCSoft.BlogSpot.Com

Please Share This Post With Your Frinds :) FOCSoft

SOCIALIZE IT →

Tweet

FOLLOW US →

SHARE IT →