[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] [FDSA] Notepad Highly Critical Cross-Site Scripting (XSS) Vulnerability

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Re: [Full-disclosure] [FDSA] Notepad Highly Critical Cross-Site Scripting (XSS) Vulnerability
From: str0ke <str0ke@xxxxxxxxxxx>
Date: Thu, 17 Jan 2008 12:40:43 -0600

Fredrick Diggle wrote:
> #######################################################################
>
> =======
> 3) Proof of Concept
> =======
>
> 1. Open Notepad
> 2. Enter the following text
> <script>alert("xss");</script>
> 3. Save file as "exploit.html"
> 4. double click the payload file
>
> #######################################################################
>   
lmfao.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] [FDSA] Notepad Highly Critical Cross-Site Scripting (XSS) Vulnerability
  - From: worried security

References:
- [Full-disclosure] [FDSA] Notepad Highly Critical Cross-Site Scripting (XSS) Vulnerability
  - From: Fredrick Diggle

Prev by Date: Re: [Full-disclosure] Hardware-based full disk encryption
Next by Date: Re: [Full-disclosure] [FDSA] Notepad Highly Critical Cross-Site Scripting (XSS) Vulnerability
Previous by thread: Re: [Full-disclosure] [FDSA] Notepad Highly Critical Cross-Site Scripting (XSS) Vulnerability
Next by thread: Re: [Full-disclosure] [FDSA] Notepad Highly Critical Cross-Site Scripting (XSS) Vulnerability
Index(es):
- Date
- Thread