>> # Exploit Title: Serena Business Manager < 10.01 DOM XSS Vulnerability >> # Date: 11-feb-16 >> # Exploit Author: Zeroday.pro Labs >> # Software Link: http://ift.tt/1LlACdE >> # Version: Tested and working on 10.01.04.01.1068 (build 10) >> Serena Business Manager is vulnerable to a DOM cross-site scripting (XSS) attack. The attack allows execution of arbitrary JavaScript in the context of the user’s browser. >> Vulnerability resides in source location.href at tmtrack.dll and sink jQuery.html >> >> Example: >> The SBM User Workspace cannot be embedded in another frame.
1337 >>
Source: Gmail -> IFTTT-> Blogger
No comments:
Post a Comment