Caramail.com : cross scripting
From: frog frog (leseulfrog@hotmail.com)Date: 12/20/01
- Previous message: the Pull: "Internet Explorer Document.Open() Without Close() Cookie Stealing, File Reading, Site Spoofing Bug"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 20 Dec 2001 08:14:06 -0000 From: frog frog <leseulfrog@hotmail.com> To: bugtraq@securityfocus.com('binary' encoding is not supported, stored as-is)
on all the servers :
www1 ===> www50 :
www45.caramail.com/general.jsp?
ERROR=<script>alert('hum...')</script>
frog
- Previous message: the Pull: "Internet Explorer Document.Open() Without Close() Cookie Stealing, File Reading, Site Spoofing Bug"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
