- 漏洞信息

94331
TaxiMonger for Android Registration Username XSS
Remote / Network Access, Mobile Phone / Hand-held Device Input Manipulation
Loss of Integrity Solution Unknown
Exploit Public Uncoordinated Disclosure

- 漏洞描述

TaxiMonger for Android contains a flaw that allows a persistent cross-site scripting (XSS) attack. This flaw exists because the application does not validate input passed via the 'Username' field in the registration module. This may allow an attacker to create a specially crafted request that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.

- 时间线

2013-06-15 Unknow
2013-06-15 Unknow

- 解决方案

OSVDB is not currently aware of a solution for this vulnerability.

- 相关参考

- 漏洞作者

Unknown or Incomplete
 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站