Title: Recherche Cross-Site Scripting Vulnerability
Severity: HIGH
Description:
Recherche is a search application which is designed to be implemented in web sites. Recherche is maintained by PHP Gratuit.
Recherche does not filter script code from URL parameters, making it prone to cross-site scripting attacks. Attacker-supplied script code may be included in a malicious link to the 'add.php3' script. The attacker-supplied script code will be executed in the browser of a web user who visits this malicious link, in the security context of the host running Recherche. Such a malicious link might be included in a HTML e-mail or on a malicious webpage.
This may enable a remote attacker to steal cookie-based authentication credentials from legitimate users of a website running Recherche.
Affected Products:
- PHP Gratuit Recherche 1.3.0
References:
- PHP Gratuit: Recherche Homepage
- frog frog <leseulfrog@hotmail.com>: Security holes in 11 products...
