Bugtraq mailing list archives
XMB "U2U Instant Messenger" Cross-Site Scripting
From: Advisory () aria-security net
Date: 20 Jan 2007 22:09:27 -0000
#Aria-Security Team #http://Aria-Security.com #Contact: Advisory () aria-security com #Type:Remote Cross-Site Scripting #Article on XSS: http://aria-security.net/xss.rar #Discovered By Aria-Security Team #Software: XMB U2u Instant Messenger # #Explanation: First of all user must be REGISTERED - Go to http://target/xmbpath/memcp.php ---> U2U Instant Messenger - Inster your xss code for the recipient - Press Preview Original Advisory http://aria-security.com/forum/showthread.php?p=129
Current thread:
- XMB "U2U Instant Messenger" Cross-Site Scripting Advisory (Jan 22)