| 제목 | Astun Technology iShare Maps 5.4.0 Cross Site Scripting |
|---|
| 설명 | A reflected Cross-Site Scripting (XSS) vulnerability was discovered in the iShare Maps platform by Astun Technology, as used by the Dudley Metropolitan Borough Council website. The issue occurs in the Zoom parameter of the historic1.asp page, allowing attackers to inject and execute arbitrary JavaScript in the context of the user's browser. This vulnerability can be exploited remotely and may lead to session hijacking, phishing, or other malicious actions. The affected instance displays "Powered by iShare", confirming the use of the iShare platform. |
|---|
| 원천 | ⚠️ https://example.com/custom/historic1.asp?Zoom=wwww'%3E</script><img src="x" onerror=confirm(1)> |
|---|
| 사용자 | Alexandre Rodrigo (UID 76412) |
|---|
| 제출 | 2025. 05. 22. AM 05:04 (11 개월 ago) |
|---|
| 모더레이션 | 2025. 05. 30. PM 01:31 (8 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 310670 [Astun Technology iShare Maps 5.4.0 historic1.asp Zoom 크로스 사이트 스크립팅] |
|---|
| 포인트들 | 20 |
|---|