[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-Disclosure] XSS in cookie

To: full-disclosure@xxxxxxxxxxxxxxxx
Subject: [Full-Disclosure] XSS in cookie
From: "offtopic" <offtopic@xxxxxxx>
Date: Wed, 28 Apr 2004 16:43:53 +0400

Hi List.

I found XSS in cookie on an Web-application.
So, if i use special-crafted cookie, I can run XSS attak against the site users.
To accomplish attack I must modify cookie on client computer, which I can do by 
 XSS :-)

Is it vulnerability and if it is, how to use this attack?

Thank you, and sorry for my English,


(c)oded by offtopic@xxxxxxx

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Prev by Date: Re: [Full-Disclosure] no more public exploits
Next by Date: Re: [Full-Disclosure] no more public exploits
Previous by thread: Re: [Full-Disclosure] Top 15 Reasons Why Admins Use Security Scanners
Next by thread: [Full-Disclosure] [ESA-20040428-004] 'kernel' Several security and bug fixes
Index(es):
- Date
- Thread