Home page logo
/

bugtraq logo Bugtraq mailing list archives

XSS bug in hotmail login page
From: "Peter Rdam" <hell () weedmail com>
Date: Sun, 6 Oct 2002 14:03:14 -0700

Goodevening people,

I've found a "little (not sure)" xss bug in the Hotmail login page, i just started to learn about xss bugs. I didnt 
tryd to much on this, i even contacted Microsoft. They prolly very busy with counting do, or its a harmless bug.. got 
no idea ;). They didnt reacted, and im pretty curious about what is possible with the bug. And i actually hope that 
someone can tell me about it and maybe Microsoft will do something about it.. so check it out.. the + sign is filterd 
out.. and hey be cool.. dunno whats possible with it.. but keep it to exploiting i would say.. Hope someone can explain 
what is possible with this bug.. im worried about my hotmail addy security (lol) 

http://lc2.law5.hotmail.passport.com/cgi-bin/login?_lang=&id=2&fs=1&cb=";><script>alert(document.cookie)</script>&ct=1033054530&_setlang=


Regards,
Addic
RDMNL
P.S. Sorry for my bad englisch :P 



------------------------------------------------------------
Nigerian Scam !! READ if you've received  a request!!
http://www.secretservice.gov/alert419.shtml


---------------------------------------------------------------------
Express yourself with a super cool email address from BigMailBox.com.
Hundreds of choices. It's free!
http://www.bigmailbox.com
---------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]