Re: Cross-site Scripting with Local Privilege Vulnerability in Yahoo Messenger
- From: Outlaw@xxxxxxxxxxxxxxxxx
- Date: 27 Jan 2007 02:51:58 -0000
This Vulnerability works even when you put your script (<img src="javascript:alert('Executed from ' + top.location)" >) in nickname and you can insert HTML codes in Nickname and Lastname.
- Prev by Date: stompy the session stomper - tool availability
- Next by Date: Full Disclosure: Arbitrary Code Execution in LedgerSMB CVE-2006-5872
- Previous by thread: Re: Cross-site Scripting with Local Privilege Vulnerability in Yahoo Messenger
- Next by thread: PHP Membership Manager Cross-Site Scripting Vulnerability
- Index(es):
