Skip to Content Skip to Menu

🕒 Save Time and Effort with CB Editor Assistant: Effortlessly create and refine content in Joomla 3, 4, & 5.
🎁 Limited Offer: Enjoy a 5-day FREE trial and save up to 30% afterward!
Try It!

Cross-site scripting vulnerability caused by CB Connect

12 years 2 months ago - 12 years 2 months ago #214307 by timurdavidov
Replied by timurdavidov on topic Re: Cross-site scripting vulnerability caused by CB Connect
To answer you latest question: this happens only when I am NOT logged in.

As soon as I log in, this doesn't happen.

And if I add
Code:
?foobar'});}};--></script>foobar2<script>alert(42)</script>
to any URL after a forward slash, it happens again.

Example:
Code:
mysite.com/?foobar'});}};--></script>foobar2<script>alert(42)</script>


Thanks.
Last edit: 12 years 2 months ago by timurdavidov.

Please Log in or Create an account to join the conversation.

Moderators: beatnantkrileon
Powered by Kunena Forum