Bugtraq mailing list archives
OmniHTTPd test.shtml Cross-Site Scripting Issue
From: "Matthew Murphy" <mattmurphy () kc rr com>
Date: Sun, 25 Aug 2002 10:54:09 -0500
OmniHTTPd's Test.shtml sample is also vulnerable to a similar issue: http://localhost/test.shtml?%3CSCRIPT%3Ealert(document.URL)%3C%2FSCRIPT%3E=x Will pop up an alert containing the above URL. Of course, this has other uses (cookie theft, faking sources, etc.)
Current thread:
- OmniHTTPd test.shtml Cross-Site Scripting Issue Matthew Murphy (Aug 26)