[Full-disclosure] XSS Vector at www.titus.de

TITUS is a large german mailorder for skateboards and extreme sports
related stuff. On the TITUS Homepage you can find a damn huge community
(about 20.000 registered user).

Inside the community a registred member can send IMs to other users, send
eMails via web interface and drop orders to the mailorder.

At the community rush hour nearly 5000 users are online at the same time. Easy
to figure out what will happen when an XSS worm hits the site.

And thats the point. The webmailer system offers an offensive vector for XSS
attacks. If you send a mail (no need to type an receiver adress) with the
following content, you have successfully executed a custom (malicious) script
on the page:

"><script type="text/javascript">alert(document.cookie);</script><a href="

I've already sent a mail to the technical team at titus.de, but there wasn't
an answer neither a fix.


freemail adverts:

Viel oder wenig? Schnell oder langsam? Unbegrenzt surfen + telefonieren
ohne Zeit- und Volumenbegrenzung? DAS TOP ANGEBOT JETZT bei Arcor: günstig
und schnell mit DSL - das All-Inclusive-Paket für clevere Doppel-Sparer,
nur 44,85 ? inkl. DSL- und ISDN-Grundgebühr!

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/