Full Disclosure: Re: [FDSA] Notepad Highly Critical Cross-Site Scripting (XSS) Vulnerability

Re: [FDSA] Notepad Highly Critical Cross-Site Scripting (XSS) Vulnerability

From: str0ke <str0ke () milw0rm com>
Date: Thu, 17 Jan 2008 12:40:43 -0600

Fredrick Diggle wrote:

#######################################################################

=======
3) Proof of Concept
=======

1. Open Notepad
2. Enter the following text
<script>alert("xss");</script>
3. Save file as "exploit.html"
4. double click the payload file

#######################################################################

lmfao.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

By Date By Thread

Current thread:

[FDSA] Notepad Highly Critical Cross-Site Scripting (XSS) Vulnerability Fredrick Diggle (Jan 17)
- Re: [FDSA] Notepad Highly Critical Cross-Site Scripting (XSS) Vulnerability Nate McFeters (Jan 17)
  - Re: [FDSA] Notepad Highly Critical Cross-Site Scripting (XSS) Vulnerability T Biehn (Jan 17)
  - Re: [FDSA] Notepad Highly Critical Cross-Site Scripting (XSS) Vulnerability M . B . Jr . (Jan 17)
- Re: [FDSA] Notepad Highly Critical Cross-Site Scripting (XSS) Vulnerability str0ke (Jan 17)
  - Re: [FDSA] Notepad Highly Critical Cross-Site Scripting (XSS) Vulnerability worried security (Jan 17)
- Re: [FDSA] Notepad Highly Critical Cross-Site Scripting (XSS) Vulnerability Sascha Roeske (Jan 17)
  - Re: [FDSA] Notepad Highly Critical Cross-Site Scripting (XSS) Vulnerability Fredrick Diggle (Jan 17)
- Re: [FDSA] Notepad Highly Critical Cross-Site Scripting (XSS) Vulnerability BlackHawk (Jan 17)
  - Re: [FDSA] Notepad Highly Critical Cross-Site Scripting (XSS) Vulnerability M . B . Jr . (Jan 17)