Bugtraq: MyTrueHood.com - XSS

[luny () youfucktard com]

MyTrueHood.com

Homepage:
http://www.mytruehood.com

Effected files:
Input boxes of submitting a comment and signing a guestbook

XSS proof of concept:

put <IMG SRC="javascript:alert('XSS');">  in the signing aguestbook or leaving a comment in a blog box.