--------------------------------------------------------------------
Title: Macromedia Sitespring Cross Site Scripting
BUG-ID: 2002032
Released: 17th Jul 2002
--------------------------------------------------------------------

Problem:
========
A malicious user could use a default error page as the basis for a
cross site scripting attack.

Vulnerable:
===========
- Macromedia Sitespring V1.2.0(277.1) on Windows 2000 Server

Details:
========
The default HTTP 500 error script does not check the contents of the
error ticket (et) parameter before outputting it. That makes it
possible to inject e.g. JavaScript in the URL.

http://server/error/500error.jsp?et=1
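
The missing check described under Details, shown beside a hardened form. This is an added example, not Sitespring's code: the class and method names are hypothetical, the sample et values are constructed, and the numeric ticket format is an assumption.

```java
// Added example: not Sitespring code. Class and method names are hypothetical.
public class ErrorTicketPage {

    // Encode the five characters that are significant in HTML text and in
    // quoted attribute values, so the value is rendered as data, not markup.
    static String htmlEscape(String s) {
        if (s == null) return "";
        StringBuilder out = new StringBuilder(s.length() + 16);
        for (int i = 0; i < s.length(); i++) {
            char c = s.charAt(i);
            switch (c) {
                case '&':  out.append("&amp;");  break;
                case '<':  out.append("&lt;");   break;
                case '>':  out.append("&gt;");   break;
                case '"':  out.append("&quot;"); break;
                case '\'': out.append("&#39;");  break;
                default:   out.append(c);
            }
        }
        return out.toString();
    }

    // The flaw as the advisory describes it: et is written out unchanged.
    static String renderUnchecked(String et) {
        return "<p>Error ticket: " + et + "</p>";
    }

    // Hardened: reject anything that does not look like a ticket, and encode
    // on output regardless. The numeric format is an assumption made here.
    static String renderChecked(String et) {
        if (et == null || !et.matches("[0-9]{1,20}")) {
            return "<p>Error ticket: (invalid)</p>";
        }
        return "<p>Error ticket: " + htmlEscape(et) + "</p>";
    }

    public static void main(String[] args) {
        // Constructed sample values for the et parameter.
        String[] samples = { "1", "1<script>alert(1)</script>", "1\" onmouseover=\"x" };
        for (String et : samples) {
            System.out.println("unchecked: " + renderUnchecked(et));
            System.out.println("checked:   " + renderChecked(et));
            System.out.println("escaped:   " + htmlEscape(et));
        }
    }
}
```

Output encoding alone closes the injection; the format check is a second layer that also keeps malformed tickets out of the error page.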