Bugtraq mailing list archives
Re: XSS in HTDIG
From: Henrik Edlund <henrik () edlund org>
Date: Fri, 28 Jun 2002 19:06:29 +0200 (MET DST)
On Thu, 27 Jun 2002, Peter Watkins wrote: PW> What version is this? With the sample templates in ht://Dig version PW> 3.1.6, the "words" info seems to be properly escaped -- I just see the PW> <script> stuff inside the text input box, and translated on the page. PW> For example, PW> PW> http://www.htdig.org/cgi-bin/htsearch?config=htdig;words=%22%3E%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript%3E PW> PW> My example URL suggests that version 3.1.5 is also immune, though 3.1.5 PW> has other issues that 3.1.6 resolves -- see PW> http://online.securityfocus.com/bid/3410 and PW> http://www.htdig.org/index.html Version 3.2.0b3 seems to be vunerable. -- http://www.edlund.org/
Current thread:
- XSS in HTDIG Howard Yeend (Jun 26)
- Re: XSS in HTDIG Peter Watkins (Jun 28)
- Re: XSS in HTDIG Henrik Edlund (Jun 28)
- Re: XSS in HTDIG webmaster (Stephen Ostermiller) (Jun 28)
- Re: XSS in HTDIG Peter Watkins (Jun 28)