[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
vBulletin v3.6.5 admincp/index.php ( rss feed ) xss vuln.
- To: bugtraq@xxxxxxxxxxxxxxxxx
- Subject: vBulletin v3.6.5 admincp/index.php ( rss feed ) xss vuln.
- From: meto5757@xxxxxxxxxxx
- Date: 2 Mar 2007 05:06:01 -0000
vBulletin® v3.6.5 has an xss vuln in admincp/index.php in rss feed .
exactlly in add rss url
by adding : "><script>alert(document.cookie);</script>
a cool messege box appear with cookies ;)
earlier versions affected also .
-----------------------------------------------------------------------------
Discovered by meto5757
-----------------------------------------------------------------------------