zerogue Fri, 26 May 2006 13:13:16 -0700
Assetman <= 2.4a XSS
Discovered by: Nomenumbra Date: 23/5/2006 impact:moderate (privilege escalation,possible defacement) Assetman doesn't filter any of it's input, allowing users to inject arbitrary HTML or javascript code. Nomenumbra
