Bugtraq mailing list archives
XSS Vulnerability on Vodafone
From: try_og () hotmail com
Date: 24 May 2006 21:36:30 -0000
Some link on the website Vodafone.de contains a little vulnerability that could be used for illegal purposes. It could be used for phishing or other purposes. hxxp:// website /simlock/servlets/sim?IMEI=[XSS-Code Here] hxxps:// website /simlock/servlets/sim?IMEI=[XSS-Code Here] Actually it's a page that's used for getting your unlock code for a VPA IV. It's limited to 15 input characters, but it's easily bypassed by looking at the source of the page and searching for the little page where the input goes. I hope they fix this "little" big problem. O.G.
Current thread:
- XSS Vulnerability on Vodafone try_og (May 26)