Adobe Acrobat Reader Plugin <= 7.0.x (acroreader) XSS Vulnerability
<p>[code]</p><pre># Stefano Di Paola# [url]http://www.wisec.it/[/url]
From Secunia:
Input passed to a hosted PDF file is not properly sanitised by the browser plug-in
before being returned to users. This can be exploited to execute arbitrary script code in
a user's browser session in context of an affected site.
Example:
- http://[host]/[filename].pdf#[some text]=javascript:[code]
</pre><p>[/code]</p>
页:
[1]