[Full-disclosure] Adobe Web-Site Persistence XSS
- From: asish agarwalla <asishagarwalla@xxxxxxxxx>
- Date: Tue, 1 Nov 2011 10:12:32 +0530
Title:
======
Adobe Web-Site Persistence XSS
Status:
========
Unpatched
Details:
========
1. Signin to adobe.com
2. Go to My information
3. Change Screen Name to
'><script>alert("xss"); or '><script>alert("xss");4. Go to My adobe
@Asish (asishagarwalla@xxxxxxxxx)
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- Prev by Date: [Full-disclosure] [ GLSA 201111-01 ] Chromium, V8: Multiple vulnerabilities
- Next by Date: [Full-disclosure] DDIVRT-2011-33 IBM WebSphere Application Server 'help' Servlet Plug-in Bundle Directory Traversal [CVE-2011-1359]
- Previous by thread: [Full-disclosure] [ GLSA 201111-01 ] Chromium, V8: Multiple vulnerabilities
- Next by thread: [Full-disclosure] DDIVRT-2011-33 IBM WebSphere Application Server 'help' Servlet Plug-in Bundle Directory Traversal [CVE-2011-1359]
- Index(es):
