[Full-Disclosure] Cross site scripting in Onecenter Forum 4.0

From: David F. Madrid (conde0@telefonica.net)
Date: 04/25/03

  • Next message: Valdis.Kletnieks_at_vt.edu: "Re: [Full-Disclosure] pissed off"
    From: "David F. Madrid" <conde0@telefonica.net>
    To: <full-disclosure@lists.netsys.com>
    Date: Fri, 25 Apr 2003 07:24:24 -0300 (ART)

    Issue : cross site scripting in Onecenter forum

    Affected Product : Onecenter forum 4.0

    Description :

    Onecenter offers a free discussion forum hosted in the company's servers (
    forum.onecenter.com ) . Any user in the forum is identified by a cookie
    that contains nick , name , mail address and password . This information
    can be easily obtained as you can add in your posts the img html tag with
    a custom script as follows

    <img src=javascript:alert(document.cookie);>

    To impersonate any user in the forum ( onecenter administrators would be a
    good choice , as you can report posts to them ) you just have to build a
    cookie like the one obtained and visit the forum .

    Regards ,
    David F. Madrid
    Madrid , Spain
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html

  • Next message: Valdis.Kletnieks_at_vt.edu: "Re: [Full-Disclosure] pissed off"