The provided text describes a cross-site scripting (XSS) vulnerability in Siena CMS 1.242, where insufficient sanitization of user-supplied data allows arbitrary script execution in the context of the affected site. The vulnerability can be exploited via the 'err' parameter in the URL.
Classification
Writeup 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target:Siena CMS 1.242
No auth needed
Prerequisites:Access to the target URL with the vulnerable parameter