XSS vulnerability can be exploited with the viewppt macro

XMLWordPrintable

      Upload a file test.ppt

      Use markup:

      {viewppt:test.ppt|height=<script>alert("xss")</script>|width=<script>alert("xss")</script>}

      The scripts will be executed when the page is loaded.

            Assignee:
            m@ (Inactive)
            Reporter:
            Mark Hrynczak (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: