Altavista BabelFish XSS Hole

[mattmurphy () kc rr com (Matthew Murphy)]

Babelfish is Altavista's automated translation tool.  It is used by the
various "Translate" links on the site and in search results.  A malformed
translation can result in cross-site scripting.  By requesting a translation
of HTML, it is possible to execute script code as the AltaVista domain.

Initially, this hole presented a unique challenge -- exploiting the
vulnerability so that the JavaScript code would not change, even when
applied across two languages.  However, Babelfish creates a textarea with
the supplied data still intact, so exploitation is much easier.  By starting
the translation with "</TEXTAREA>", an attacker can cause the original data
to be launched as well.

"The reason the mainstream is thought
of as a stream is because it is
so shallow."
                     - Author Unknown