<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos

WebApp Sec: HTTP Response URI XSS but not in 302 Body

HTTP Response URI XSS but not in 302 Body

From: <Robert.L.Grill_at_wellsfargo.com>
Date: Thu, 1 Jul 2004 12:24:37 -0700

Has anyone had an instance where they saw a successful Cross Site Scripting
Exploit by receiving a script in a URL response but not in the body of the
returned document.

For example:

HTTP/1.1 302 Moved Temporarily
Server: Sun-ONE-Web-Server/6.1
Date: Tue, 29 Jun 2004 00:26:25 GMT
Content-type: text/html
Location:
http://www.website.com/search/tips.jhtml?statusCode=zeroresults&query=hello&
searchscope=>"><script>alert('XSS')</script>&userQueryCorrected=hello&_reque
stid=10756
Connection: close

<HEAD><TITLE>302 Moved Temporarily</TITLE></HEAD>
<H1>302 Moved Temporarily</H1><BODY>
</BODY>

Thanks,

Bob
Received on Jul 01 2004

This message: [ Message body ]
Next message: Mark Curphey: "RE: Securing encrypted data in RAM vs MSSQL"
Previous message: Bénoni MARTIN: "RE: Securing encrypted data in RAM vs MSSQL"
Next in thread: Tim: "Re: HTTP Response URI XSS but not in 302 Body"
Reply: Tim: "Re: HTTP Response URI XSS but not in 302 Body"
Reply: Paul Johnston: "Re: HTTP Response URI XSS but not in 302 Body"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]